src/libcharon/plugins/medcli/Makefile
src/libcharon/plugins/nm/Makefile
src/libcharon/plugins/uci/Makefile
- src/libcharon/plugins/ha_sync/Makefile
+ src/libcharon/plugins/ha/Makefile
src/libcharon/plugins/android/Makefile
src/libcharon/plugins/stroke/Makefile
src/libcharon/plugins/updown/Makefile
--- /dev/null
+
+INCLUDES = -I${linux_headers} -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon
+
+AM_CFLAGS = -rdynamic -DIPSEC_PIDDIR=\"${piddir}\"
+
+plugin_LTLIBRARIES = libstrongswan-ha.la
+libstrongswan_ha_la_SOURCES = \
+ ha_plugin.h ha_plugin.c \
+ ha_message.h ha_message.c \
+ ha_socket.h ha_socket.c \
+ ha_tunnel.h ha_tunnel.c \
+ ha_dispatcher.h ha_dispatcher.c \
+ ha_segments.h ha_segments.c \
+ ha_kernel.h ha_kernel.c \
+ ha_ctl.h ha_ctl.c \
+ ha_ike.h ha_ike.c \
+ ha_child.h ha_child.c
+libstrongswan_ha_la_LDFLAGS = -module
+
* for more details.
*/
-#include "ha_sync_child.h"
+#include "ha_child.h"
-typedef struct private_ha_sync_child_t private_ha_sync_child_t;
+typedef struct private_ha_child_t private_ha_child_t;
/**
- * Private data of an ha_sync_child_t object.
+ * Private data of an ha_child_t object.
*/
-struct private_ha_sync_child_t {
+struct private_ha_child_t {
/**
- * Public ha_sync_child_t interface.
+ * Public ha_child_t interface.
*/
- ha_sync_child_t public;
+ ha_child_t public;
/**
* socket we use for syncing
*/
- ha_sync_socket_t *socket;
+ ha_socket_t *socket;
/**
* tunnel securing sync messages
*/
- ha_sync_tunnel_t *tunnel;
+ ha_tunnel_t *tunnel;
};
/**
* Implementation of listener_t.child_keys
*/
-static bool child_keys(private_ha_sync_child_t *this, ike_sa_t *ike_sa,
+static bool child_keys(private_ha_child_t *this, ike_sa_t *ike_sa,
child_sa_t *child_sa, diffie_hellman_t *dh,
chunk_t nonce_i, chunk_t nonce_r)
{
- ha_sync_message_t *m;
+ ha_message_t *m;
chunk_t secret;
proposal_t *proposal;
u_int16_t alg, len;
enumerator_t *enumerator;
traffic_selector_t *ts;
- if (this->tunnel && this->tunnel->is_sync_sa(this->tunnel, ike_sa))
+ if (this->tunnel && this->tunnel->is_sa(this->tunnel, ike_sa))
{ /* do not sync SA between nodes */
return TRUE;
}
- m = ha_sync_message_create(HA_SYNC_CHILD_ADD);
+ m = ha_message_create(HA_CHILD_ADD);
- m->add_attribute(m, HA_SYNC_IKE_ID, ike_sa->get_id(ike_sa));
- m->add_attribute(m, HA_SYNC_INBOUND_SPI, child_sa->get_spi(child_sa, TRUE));
- m->add_attribute(m, HA_SYNC_OUTBOUND_SPI, child_sa->get_spi(child_sa, FALSE));
- m->add_attribute(m, HA_SYNC_INBOUND_CPI, child_sa->get_cpi(child_sa, TRUE));
- m->add_attribute(m, HA_SYNC_OUTBOUND_CPI, child_sa->get_cpi(child_sa, FALSE));
- m->add_attribute(m, HA_SYNC_IPSEC_MODE, child_sa->get_mode(child_sa));
- m->add_attribute(m, HA_SYNC_IPCOMP, child_sa->get_ipcomp(child_sa));
- m->add_attribute(m, HA_SYNC_CONFIG_NAME, child_sa->get_name(child_sa));
+ m->add_attribute(m, HA_IKE_ID, ike_sa->get_id(ike_sa));
+ m->add_attribute(m, HA_INBOUND_SPI, child_sa->get_spi(child_sa, TRUE));
+ m->add_attribute(m, HA_OUTBOUND_SPI, child_sa->get_spi(child_sa, FALSE));
+ m->add_attribute(m, HA_INBOUND_CPI, child_sa->get_cpi(child_sa, TRUE));
+ m->add_attribute(m, HA_OUTBOUND_CPI, child_sa->get_cpi(child_sa, FALSE));
+ m->add_attribute(m, HA_IPSEC_MODE, child_sa->get_mode(child_sa));
+ m->add_attribute(m, HA_IPCOMP, child_sa->get_ipcomp(child_sa));
+ m->add_attribute(m, HA_CONFIG_NAME, child_sa->get_name(child_sa));
proposal = child_sa->get_proposal(child_sa);
if (proposal->get_algorithm(proposal, ENCRYPTION_ALGORITHM, &alg, &len))
{
- m->add_attribute(m, HA_SYNC_ALG_ENCR, alg);
+ m->add_attribute(m, HA_ALG_ENCR, alg);
if (len)
{
- m->add_attribute(m, HA_SYNC_ALG_ENCR_LEN, len);
+ m->add_attribute(m, HA_ALG_ENCR_LEN, len);
}
}
if (proposal->get_algorithm(proposal, INTEGRITY_ALGORITHM, &alg, NULL))
{
- m->add_attribute(m, HA_SYNC_ALG_INTEG, alg);
+ m->add_attribute(m, HA_ALG_INTEG, alg);
}
- m->add_attribute(m, HA_SYNC_NONCE_I, nonce_i);
- m->add_attribute(m, HA_SYNC_NONCE_R, nonce_r);
+ m->add_attribute(m, HA_NONCE_I, nonce_i);
+ m->add_attribute(m, HA_NONCE_R, nonce_r);
if (dh && dh->get_shared_secret(dh, &secret) == SUCCESS)
{
- m->add_attribute(m, HA_SYNC_SECRET, secret);
+ m->add_attribute(m, HA_SECRET, secret);
chunk_clear(&secret);
}
enumerator = list->create_enumerator(list);
while (enumerator->enumerate(enumerator, &ts))
{
- m->add_attribute(m, HA_SYNC_LOCAL_TS, ts);
+ m->add_attribute(m, HA_LOCAL_TS, ts);
}
enumerator->destroy(enumerator);
list = child_sa->get_traffic_selectors(child_sa, FALSE);
enumerator = list->create_enumerator(list);
while (enumerator->enumerate(enumerator, &ts))
{
- m->add_attribute(m, HA_SYNC_REMOTE_TS, ts);
+ m->add_attribute(m, HA_REMOTE_TS, ts);
}
enumerator->destroy(enumerator);
/**
* Implementation of listener_t.child_state_change
*/
-static bool child_state_change(private_ha_sync_child_t *this, ike_sa_t *ike_sa,
+static bool child_state_change(private_ha_child_t *this, ike_sa_t *ike_sa,
child_sa_t *child_sa, child_sa_state_t state)
{
if (!ike_sa ||
{ /* only sync active IKE_SAs */
return TRUE;
}
- if (this->tunnel && this->tunnel->is_sync_sa(this->tunnel, ike_sa))
+ if (this->tunnel && this->tunnel->is_sa(this->tunnel, ike_sa))
{ /* do not sync SA between nodes */
return TRUE;
}
if (state == CHILD_DESTROYING)
{
- ha_sync_message_t *m;
+ ha_message_t *m;
- m = ha_sync_message_create(HA_SYNC_CHILD_DELETE);
+ m = ha_message_create(HA_CHILD_DELETE);
- m->add_attribute(m, HA_SYNC_IKE_ID, ike_sa->get_id(ike_sa));
- m->add_attribute(m, HA_SYNC_INBOUND_SPI,
+ m->add_attribute(m, HA_IKE_ID, ike_sa->get_id(ike_sa));
+ m->add_attribute(m, HA_INBOUND_SPI,
child_sa->get_spi(child_sa, TRUE));
this->socket->push(this->socket, m);
}
}
/**
- * Implementation of ha_sync_child_t.destroy.
+ * Implementation of ha_child_t.destroy.
*/
-static void destroy(private_ha_sync_child_t *this)
+static void destroy(private_ha_child_t *this)
{
free(this);
}
/**
* See header
*/
-ha_sync_child_t *ha_sync_child_create(ha_sync_socket_t *socket,
- ha_sync_tunnel_t *tunnel)
+ha_child_t *ha_child_create(ha_socket_t *socket, ha_tunnel_t *tunnel)
{
- private_ha_sync_child_t *this = malloc_thing(private_ha_sync_child_t);
+ private_ha_child_t *this = malloc_thing(private_ha_child_t);
memset(&this->public.listener, 0, sizeof(listener_t));
this->public.listener.child_keys = (bool(*)(listener_t*, ike_sa_t *ike_sa, child_sa_t *child_sa, diffie_hellman_t *dh, chunk_t nonce_i, chunk_t nonce_r))child_keys;
this->public.listener.child_state_change = (bool(*)(listener_t*,ike_sa_t *ike_sa, child_sa_t *child_sa, child_sa_state_t state))child_state_change;
- this->public.destroy = (void(*)(ha_sync_child_t*))destroy;
+ this->public.destroy = (void(*)(ha_child_t*))destroy;
this->socket = socket;
this->tunnel = tunnel;
*/
/**
- * @defgroup ha_sync_child ha_sync_child
- * @{ @ingroup ha_sync
+ * @defgroup ha_child ha_child
+ * @{ @ingroup ha
*/
-#ifndef HA_SYNC_CHILD_H_
-#define HA_SYNC_CHILD_H_
+#ifndef HA_CHILD_H_
+#define HA_CHILD_H_
-#include "ha_sync_socket.h"
-#include "ha_sync_tunnel.h"
-#include "ha_sync_segments.h"
+#include "ha_socket.h"
+#include "ha_tunnel.h"
+#include "ha_segments.h"
#include <daemon.h>
-typedef struct ha_sync_child_t ha_sync_child_t;
+typedef struct ha_child_t ha_child_t;
/**
* Listener to synchronize CHILD_SAs.
*/
-struct ha_sync_child_t {
+struct ha_child_t {
/**
* Implements bus listener interface.
listener_t listener;
/**
- * Destroy a ha_sync_child_t.
+ * Destroy a ha_child_t.
*/
- void (*destroy)(ha_sync_child_t *this);
+ void (*destroy)(ha_child_t *this);
};
/**
- * Create a ha_sync_child instance.
+ * Create a ha_child instance.
*
* @param socket socket to use for sending synchronization messages
* @param tunnel tunnel securing sync messages, if any
* @return CHILD listener
*/
-ha_sync_child_t *ha_sync_child_create(ha_sync_socket_t *socket,
- ha_sync_tunnel_t *tunnel);
+ha_child_t *ha_child_create(ha_socket_t *socket, ha_tunnel_t *tunnel);
-#endif /* HA_SYNC_CHILD_ @}*/
+#endif /* HA_CHILD_ @}*/
* for more details.
*/
-#include "ha_sync_ctl.h"
+#include "ha_ctl.h"
#include <sys/types.h>
#include <sys/stat.h>
#include <processing/jobs/callback_job.h>
-#define HA_SYNC_FIFO IPSEC_PIDDIR "/charon.ha"
+#define HA_FIFO IPSEC_PIDDIR "/charon.ha"
-typedef struct private_ha_sync_ctl_t private_ha_sync_ctl_t;
+typedef struct private_ha_ctl_t private_ha_ctl_t;
/**
- * Private data of an ha_sync_ctl_t object.
+ * Private data of an ha_ctl_t object.
*/
-struct private_ha_sync_ctl_t {
+struct private_ha_ctl_t {
/**
- * Public ha_sync_ctl_t interface.
+ * Public ha_ctl_t interface.
*/
- ha_sync_ctl_t public;
+ ha_ctl_t public;
/**
* Segments to control
*/
- ha_sync_segments_t *segments;
+ ha_segments_t *segments;
/**
* FIFO reader thread
/**
* FIFO dispatching function
*/
-static job_requeue_t dispatch_fifo(private_ha_sync_ctl_t *this)
+static job_requeue_t dispatch_fifo(private_ha_ctl_t *this)
{
int fifo, old;
char buf[8];
u_int segment;
pthread_setcancelstate(PTHREAD_CANCEL_ENABLE, &old);
- fifo = open(HA_SYNC_FIFO, O_RDONLY);
+ fifo = open(HA_FIFO, O_RDONLY);
pthread_setcancelstate(old, NULL);
if (fifo == -1)
{
- DBG1(DBG_CFG, "opening HA sync fifo failed: %s", strerror(errno));
+ DBG1(DBG_CFG, "opening HA fifo failed: %s", strerror(errno));
sleep(1);
return JOB_REQUEUE_FAIR;
}
}
/**
- * Implementation of ha_sync_ctl_t.destroy.
+ * Implementation of ha_ctl_t.destroy.
*/
-static void destroy(private_ha_sync_ctl_t *this)
+static void destroy(private_ha_ctl_t *this)
{
this->job->cancel(this->job);
free(this);
/**
* See header
*/
-ha_sync_ctl_t *ha_sync_ctl_create(ha_sync_segments_t *segments)
+ha_ctl_t *ha_ctl_create(ha_segments_t *segments)
{
- private_ha_sync_ctl_t *this = malloc_thing(private_ha_sync_ctl_t);
+ private_ha_ctl_t *this = malloc_thing(private_ha_ctl_t);
- this->public.destroy = (void(*)(ha_sync_ctl_t*))destroy;
+ this->public.destroy = (void(*)(ha_ctl_t*))destroy;
- if (access(HA_SYNC_FIFO, R_OK|W_OK) != 0)
+ if (access(HA_FIFO, R_OK|W_OK) != 0)
{
- if (mkfifo(HA_SYNC_FIFO, 600) != 0)
+ if (mkfifo(HA_FIFO, 600) != 0)
{
- DBG1(DBG_CFG, "creating HA sync FIFO %s failed: %s",
- HA_SYNC_FIFO, strerror(errno));
+ DBG1(DBG_CFG, "creating HA FIFO %s failed: %s",
+ HA_FIFO, strerror(errno));
}
}
*/
/**
- * @defgroup ha_sync_ctl ha_sync_ctl
- * @{ @ingroup ha_sync
+ * @defgroup ha_ctl ha_ctl
+ * @{ @ingroup ha
*/
-#ifndef HA_SYNC_CTL_H_
-#define HA_SYNC_CTL_H_
+#ifndef HA_CTL_H_
+#define HA_CTL_H_
-#include "ha_sync_segments.h"
+#include "ha_segments.h"
-typedef struct ha_sync_ctl_t ha_sync_ctl_t;
+typedef struct ha_ctl_t ha_ctl_t;
/**
* HA Sync control interface using a FIFO.
*/
-struct ha_sync_ctl_t {
+struct ha_ctl_t {
/**
- * Destroy a ha_sync_ctl_t.
+ * Destroy a ha_ctl_t.
*/
- void (*destroy)(ha_sync_ctl_t *this);
+ void (*destroy)(ha_ctl_t *this);
};
/**
- * Create a ha_sync_ctl instance.
+ * Create a ha_ctl instance.
*
* @param segments segments to control
- * @return HA sync control interface
+ * @return HA control interface
*/
-ha_sync_ctl_t *ha_sync_ctl_create(ha_sync_segments_t *segments);
+ha_ctl_t *ha_ctl_create(ha_segments_t *segments);
-#endif /* HA_SYNC_CTL_ @}*/
+#endif /* HA_CTL_ @}*/
* for more details.
*/
-#include "ha_sync_dispatcher.h"
+#include "ha_dispatcher.h"
#include <daemon.h>
#include <processing/jobs/callback_job.h>
-typedef struct private_ha_sync_dispatcher_t private_ha_sync_dispatcher_t;
+typedef struct private_ha_dispatcher_t private_ha_dispatcher_t;
/**
- * Private data of an ha_sync_dispatcher_t object.
+ * Private data of an ha_dispatcher_t object.
*/
-struct private_ha_sync_dispatcher_t {
+struct private_ha_dispatcher_t {
/**
- * Public ha_sync_dispatcher_t interface.
+ * Public ha_dispatcher_t interface.
*/
- ha_sync_dispatcher_t public;
+ ha_dispatcher_t public;
/**
* socket to pull messages from
*/
- ha_sync_socket_t *socket;
+ ha_socket_t *socket;
/**
* segments to control
*/
- ha_sync_segments_t *segments;
+ ha_segments_t *segments;
/**
* Dispatcher job
/**
* Process messages of type IKE_ADD
*/
-static void process_ike_add(private_ha_sync_dispatcher_t *this,
- ha_sync_message_t *message)
+static void process_ike_add(private_ha_dispatcher_t *this, ha_message_t *message)
{
- ha_sync_message_attribute_t attribute;
- ha_sync_message_value_t value;
+ ha_message_attribute_t attribute;
+ ha_message_value_t value;
enumerator_t *enumerator;
ike_sa_t *ike_sa = NULL, *old_sa = NULL;
u_int16_t encr = 0, len = 0, integ = 0, prf = 0, old_prf = PRF_UNDEFINED;
{
switch (attribute)
{
- case HA_SYNC_IKE_ID:
+ case HA_IKE_ID:
ike_sa = ike_sa_create(value.ike_sa_id);
break;
- case HA_SYNC_IKE_REKEY_ID:
+ case HA_IKE_REKEY_ID:
old_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager,
value.ike_sa_id);
break;
- case HA_SYNC_NONCE_I:
+ case HA_NONCE_I:
nonce_i = value.chunk;
break;
- case HA_SYNC_NONCE_R:
+ case HA_NONCE_R:
nonce_r = value.chunk;
break;
- case HA_SYNC_SECRET:
+ case HA_SECRET:
secret = value.chunk;
break;
- case HA_SYNC_OLD_SKD:
+ case HA_OLD_SKD:
old_skd = value.chunk;
break;
- case HA_SYNC_ALG_ENCR:
+ case HA_ALG_ENCR:
encr = value.u16;
break;
- case HA_SYNC_ALG_ENCR_LEN:
+ case HA_ALG_ENCR_LEN:
len = value.u16;
break;
- case HA_SYNC_ALG_INTEG:
+ case HA_ALG_INTEG:
integ = value.u16;
break;
- case HA_SYNC_ALG_PRF:
+ case HA_ALG_PRF:
prf = value.u16;
break;
- case HA_SYNC_ALG_OLD_PRF:
+ case HA_ALG_OLD_PRF:
old_prf = value.u16;
break;
default:
}
else
{
- DBG1(DBG_IKE, "HA sync keymat derivation failed");
+ DBG1(DBG_IKE, "HA keymat derivation failed");
ike_sa->destroy(ike_sa);
}
charon->bus->set_sa(charon->bus, NULL);
/**
* Process messages of type IKE_UPDATE
*/
-static void process_ike_update(private_ha_sync_dispatcher_t *this,
- ha_sync_message_t *message)
+static void process_ike_update(private_ha_dispatcher_t *this,
+ ha_message_t *message)
{
- ha_sync_message_attribute_t attribute;
- ha_sync_message_value_t value;
+ ha_message_attribute_t attribute;
+ ha_message_value_t value;
enumerator_t *enumerator;
ike_sa_t *ike_sa = NULL;
peer_cfg_t *peer_cfg = NULL;
enumerator = message->create_attribute_enumerator(message);
while (enumerator->enumerate(enumerator, &attribute, &value))
{
- if (attribute != HA_SYNC_IKE_ID && ike_sa == NULL)
+ if (attribute != HA_IKE_ID && ike_sa == NULL)
{
/* must be first attribute */
break;
}
switch (attribute)
{
- case HA_SYNC_IKE_ID:
+ case HA_IKE_ID:
ike_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager,
value.ike_sa_id);
break;
- case HA_SYNC_LOCAL_ID:
+ case HA_LOCAL_ID:
ike_sa->set_my_id(ike_sa, value.id->clone(value.id));
break;
- case HA_SYNC_REMOTE_ID:
+ case HA_REMOTE_ID:
ike_sa->set_other_id(ike_sa, value.id->clone(value.id));
break;
- case HA_SYNC_EAP_ID:
+ case HA_EAP_ID:
ike_sa->set_eap_identity(ike_sa, value.id->clone(value.id));
break;
- case HA_SYNC_LOCAL_ADDR:
+ case HA_LOCAL_ADDR:
ike_sa->set_my_host(ike_sa, value.host->clone(value.host));
break;
- case HA_SYNC_REMOTE_ADDR:
+ case HA_REMOTE_ADDR:
ike_sa->set_other_host(ike_sa, value.host->clone(value.host));
break;
- case HA_SYNC_LOCAL_VIP:
+ case HA_LOCAL_VIP:
ike_sa->set_virtual_ip(ike_sa, TRUE, value.host);
break;
- case HA_SYNC_REMOTE_VIP:
+ case HA_REMOTE_VIP:
ike_sa->set_virtual_ip(ike_sa, FALSE, value.host);
break;
- case HA_SYNC_ADDITIONAL_ADDR:
+ case HA_ADDITIONAL_ADDR:
ike_sa->add_additional_address(ike_sa,
value.host->clone(value.host));
break;
- case HA_SYNC_CONFIG_NAME:
+ case HA_CONFIG_NAME:
peer_cfg = charon->backends->get_peer_cfg_by_name(
charon->backends, value.str);
if (peer_cfg)
}
else
{
- DBG1(DBG_IKE, "HA sync is missing nodes peer configuration");
+ DBG1(DBG_IKE, "HA is missing nodes peer configuration");
}
break;
- case HA_SYNC_EXTENSIONS:
+ case HA_EXTENSIONS:
set_extension(ike_sa, value.u32, EXT_NATT);
set_extension(ike_sa, value.u32, EXT_MOBIKE);
set_extension(ike_sa, value.u32, EXT_HASH_AND_URL);
break;
- case HA_SYNC_CONDITIONS:
+ case HA_CONDITIONS:
set_condition(ike_sa, value.u32, COND_NAT_ANY);
set_condition(ike_sa, value.u32, COND_NAT_HERE);
set_condition(ike_sa, value.u32, COND_NAT_THERE);
set_condition(ike_sa, value.u32, COND_CERTREQ_SEEN);
set_condition(ike_sa, value.u32, COND_ORIGINAL_INITIATOR);
break;
- case HA_SYNC_INITIATE_MID:
+ case HA_INITIATE_MID:
ike_sa->set_message_id(ike_sa, TRUE, value.u32);
break;
- case HA_SYNC_RESPOND_MID:
+ case HA_RESPOND_MID:
ike_sa->set_message_id(ike_sa, FALSE, value.u32);
break;
default:
/**
* Process messages of type IKE_DELETE
*/
-static void process_ike_delete(private_ha_sync_dispatcher_t *this,
- ha_sync_message_t *message)
+static void process_ike_delete(private_ha_dispatcher_t *this,
+ ha_message_t *message)
{
- ha_sync_message_attribute_t attribute;
- ha_sync_message_value_t value;
+ ha_message_attribute_t attribute;
+ ha_message_value_t value;
enumerator_t *enumerator;
ike_sa_t *ike_sa;
{
switch (attribute)
{
- case HA_SYNC_IKE_ID:
+ case HA_IKE_ID:
ike_sa = charon->ike_sa_manager->checkout(
charon->ike_sa_manager, value.ike_sa_id);
if (ike_sa)
/**
* Process messages of type CHILD_ADD
*/
-static void process_child_add(private_ha_sync_dispatcher_t *this,
- ha_sync_message_t *message)
+static void process_child_add(private_ha_dispatcher_t *this,
+ ha_message_t *message)
{
- ha_sync_message_attribute_t attribute;
- ha_sync_message_value_t value;
+ ha_message_attribute_t attribute;
+ ha_message_value_t value;
enumerator_t *enumerator;
ike_sa_t *ike_sa = NULL;
char *config_name;
{
switch (attribute)
{
- case HA_SYNC_IKE_ID:
+ case HA_IKE_ID:
ike_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager,
value.ike_sa_id);
initiator = value.ike_sa_id->is_initiator(value.ike_sa_id);
break;
- case HA_SYNC_CONFIG_NAME:
+ case HA_CONFIG_NAME:
config_name = value.str;
break;
- case HA_SYNC_INBOUND_SPI:
+ case HA_INBOUND_SPI:
inbound_spi = value.u32;
break;
- case HA_SYNC_OUTBOUND_SPI:
+ case HA_OUTBOUND_SPI:
outbound_spi = value.u32;
break;
- case HA_SYNC_INBOUND_CPI:
+ case HA_INBOUND_CPI:
inbound_cpi = value.u32;
break;
- case HA_SYNC_OUTBOUND_CPI:
+ case HA_OUTBOUND_CPI:
outbound_cpi = value.u32;
break;
- case HA_SYNC_IPSEC_MODE:
+ case HA_IPSEC_MODE:
mode = value.u8;
break;
- case HA_SYNC_IPCOMP:
+ case HA_IPCOMP:
ipcomp = value.u8;
break;
- case HA_SYNC_ALG_ENCR:
+ case HA_ALG_ENCR:
encr = value.u16;
break;
- case HA_SYNC_ALG_ENCR_LEN:
+ case HA_ALG_ENCR_LEN:
len = value.u16;
break;
- case HA_SYNC_ALG_INTEG:
+ case HA_ALG_INTEG:
integ = value.u16;
break;
- case HA_SYNC_NONCE_I:
+ case HA_NONCE_I:
nonce_i = value.chunk;
break;
- case HA_SYNC_NONCE_R:
+ case HA_NONCE_R:
nonce_r = value.chunk;
break;
- case HA_SYNC_SECRET:
+ case HA_SECRET:
secret = value.chunk;
break;
default:
if (!ike_sa)
{
- DBG1(DBG_CHD, "IKE_SA for HA sync CHILD_SA not found");
+ DBG1(DBG_CHD, "IKE_SA for HA CHILD_SA not found");
return;
}
config = find_child_cfg(ike_sa, config_name);
if (!config)
{
- DBG1(DBG_CHD, "HA sync is missing nodes child configuration");
+ DBG1(DBG_CHD, "HA is missing nodes child configuration");
charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
return;
}
if (!keymat->derive_child_keys(keymat, proposal, secret.ptr ? &dh : NULL,
nonce_i, nonce_r, &encr_i, &integ_i, &encr_r, &integ_r))
{
- DBG1(DBG_CHD, "HA sync CHILD_SA key derivation failed");
+ DBG1(DBG_CHD, "HA CHILD_SA key derivation failed");
child_sa->destroy(child_sa);
proposal->destroy(proposal);
charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
if (failed)
{
- DBG1(DBG_CHD, "HA sync CHILD_SA installation failed");
+ DBG1(DBG_CHD, "HA CHILD_SA installation failed");
child_sa->destroy(child_sa);
charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
return;
{
switch (attribute)
{
- case HA_SYNC_LOCAL_TS:
+ case HA_LOCAL_TS:
local_ts->insert_last(local_ts, value.ts->clone(value.ts));
break;
- case HA_SYNC_REMOTE_TS:
+ case HA_REMOTE_TS:
remote_ts->insert_last(remote_ts, value.ts->clone(value.ts));
break;
default:
/**
* Process messages of type CHILD_DELETE
*/
-static void process_child_delete(private_ha_sync_dispatcher_t *this,
- ha_sync_message_t *message)
+static void process_child_delete(private_ha_dispatcher_t *this,
+ ha_message_t *message)
{
- ha_sync_message_attribute_t attribute;
- ha_sync_message_value_t value;
+ ha_message_attribute_t attribute;
+ ha_message_value_t value;
enumerator_t *enumerator;
ike_sa_t *ike_sa = NULL;
{
switch (attribute)
{
- case HA_SYNC_IKE_ID:
+ case HA_IKE_ID:
ike_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager,
value.ike_sa_id);
break;
- case HA_SYNC_INBOUND_SPI:
+ case HA_INBOUND_SPI:
if (ike_sa)
{
ike_sa->destroy_child_sa(ike_sa, PROTO_ESP, value.u32);
/**
* Process messages of type SEGMENT_TAKE/DROP
*/
-static void process_segment(private_ha_sync_dispatcher_t *this,
- ha_sync_message_t *message, bool take)
+static void process_segment(private_ha_dispatcher_t *this,
+ ha_message_t *message, bool take)
{
- ha_sync_message_attribute_t attribute;
- ha_sync_message_value_t value;
+ ha_message_attribute_t attribute;
+ ha_message_value_t value;
enumerator_t *enumerator;
enumerator = message->create_attribute_enumerator(message);
{
switch (attribute)
{
- case HA_SYNC_SEGMENT:
+ case HA_SEGMENT:
if (take)
{
this->segments->deactivate(this->segments, value.u16, FALSE);
/**
* Process messages of type STATUS
*/
-static void process_status(private_ha_sync_dispatcher_t *this,
- ha_sync_message_t *message)
+static void process_status(private_ha_dispatcher_t *this,
+ ha_message_t *message)
{
- ha_sync_message_attribute_t attribute;
- ha_sync_message_value_t value;
+ ha_message_attribute_t attribute;
+ ha_message_value_t value;
enumerator_t *enumerator;
segment_mask_t mask = 0;
{
switch (attribute)
{
- case HA_SYNC_SEGMENT:
+ case HA_SEGMENT:
mask |= SEGMENTS_BIT(value.u16);
break;
default:
/**
* Dispatcher job function
*/
-static job_requeue_t dispatch(private_ha_sync_dispatcher_t *this)
+static job_requeue_t dispatch(private_ha_dispatcher_t *this)
{
- ha_sync_message_t *message;
+ ha_message_t *message;
message = this->socket->pull(this->socket);
switch (message->get_type(message))
{
- case HA_SYNC_IKE_ADD:
+ case HA_IKE_ADD:
process_ike_add(this, message);
break;
- case HA_SYNC_IKE_UPDATE:
+ case HA_IKE_UPDATE:
process_ike_update(this, message);
break;
- case HA_SYNC_IKE_DELETE:
+ case HA_IKE_DELETE:
process_ike_delete(this, message);
break;
- case HA_SYNC_CHILD_ADD:
+ case HA_CHILD_ADD:
process_child_add(this, message);
break;
- case HA_SYNC_CHILD_DELETE:
+ case HA_CHILD_DELETE:
process_child_delete(this, message);
break;
- case HA_SYNC_SEGMENT_DROP:
+ case HA_SEGMENT_DROP:
process_segment(this, message, FALSE);
break;
- case HA_SYNC_SEGMENT_TAKE:
+ case HA_SEGMENT_TAKE:
process_segment(this, message, TRUE);
break;
- case HA_SYNC_STATUS:
+ case HA_STATUS:
process_status(this, message);
break;
default:
- DBG1(DBG_CFG, "received unknown HA sync message type %d",
+ DBG1(DBG_CFG, "received unknown HA message type %d",
message->get_type(message));
break;
}
}
/**
- * Implementation of ha_sync_dispatcher_t.destroy.
+ * Implementation of ha_dispatcher_t.destroy.
*/
-static void destroy(private_ha_sync_dispatcher_t *this)
+static void destroy(private_ha_dispatcher_t *this)
{
this->job->cancel(this->job);
free(this);
/**
* See header
*/
-ha_sync_dispatcher_t *ha_sync_dispatcher_create(ha_sync_socket_t *socket,
- ha_sync_segments_t *segments)
+ha_dispatcher_t *ha_dispatcher_create(ha_socket_t *socket,
+ ha_segments_t *segments)
{
- private_ha_sync_dispatcher_t *this = malloc_thing(private_ha_sync_dispatcher_t);
+ private_ha_dispatcher_t *this = malloc_thing(private_ha_dispatcher_t);
- this->public.destroy = (void(*)(ha_sync_dispatcher_t*))destroy;
+ this->public.destroy = (void(*)(ha_dispatcher_t*))destroy;
this->socket = socket;
this->segments = segments;
*/
/**
- * @defgroup ha_sync_dispatcher ha_sync_dispatcher
- * @{ @ingroup ha-sync
+ * @defgroup ha_dispatcher ha_dispatcher
+ * @{ @ingroup ha
*/
-#ifndef HA_SYNC_DISPATCHER_H_
-#define HA_SYNC_DISPATCHER_H_
+#ifndef HA_DISPATCHER_H_
+#define HA_DISPATCHER_H_
-#include "ha_sync_socket.h"
-#include "ha_sync_segments.h"
+#include "ha_socket.h"
+#include "ha_segments.h"
-typedef struct ha_sync_dispatcher_t ha_sync_dispatcher_t;
+typedef struct ha_dispatcher_t ha_dispatcher_t;
/**
- * The dispatcher pulls sync message in a thread an processes them.
+ * The dispatcher pulls messages in a thread an processes them.
*/
-struct ha_sync_dispatcher_t {
+struct ha_dispatcher_t {
/**
- * Destroy a ha_sync_dispatcher_t.
+ * Destroy a ha_dispatcher_t.
*/
- void (*destroy)(ha_sync_dispatcher_t *this);
+ void (*destroy)(ha_dispatcher_t *this);
};
/**
- * Create a ha_sync_dispatcher instance pulling from socket.
+ * Create a ha_dispatcher instance pulling from socket.
*
* @param socket socket to pull messages from
* @param segments segments to control based on received messages
- * @param manager distributed management logic for segment control
* @return dispatcher object
*/
-ha_sync_dispatcher_t *ha_sync_dispatcher_create(ha_sync_socket_t *socket,
- ha_sync_segments_t *segments);
+ha_dispatcher_t *ha_dispatcher_create(ha_socket_t *socket,
+ ha_segments_t *segments);
-#endif /* HA_SYNC_DISPATCHER_ @}*/
+#endif /* HA_DISPATCHER_ @}*/
* for more details.
*/
-#include "ha_sync_ike.h"
+#include "ha_ike.h"
-typedef struct private_ha_sync_ike_t private_ha_sync_ike_t;
+typedef struct private_ha_ike_t private_ha_ike_t;
/**
- * Private data of an ha_sync_ike_t object.
+ * Private data of an ha_ike_t object.
*/
-struct private_ha_sync_ike_t {
+struct private_ha_ike_t {
/**
- * Public ha_sync_ike_t interface.
+ * Public ha_ike_t interface.
*/
- ha_sync_ike_t public;
+ ha_ike_t public;
/**
* socket we use for syncing
*/
- ha_sync_socket_t *socket;
+ ha_socket_t *socket;
/**
* tunnel securing sync messages
*/
- ha_sync_tunnel_t *tunnel;
+ ha_tunnel_t *tunnel;
};
/**
/**
* Implementation of listener_t.ike_keys
*/
-static bool ike_keys(private_ha_sync_ike_t *this, ike_sa_t *ike_sa,
+static bool ike_keys(private_ha_ike_t *this, ike_sa_t *ike_sa,
diffie_hellman_t *dh, chunk_t nonce_i, chunk_t nonce_r,
ike_sa_t *rekey)
{
- ha_sync_message_t *m;
+ ha_message_t *m;
chunk_t secret;
proposal_t *proposal;
u_int16_t alg, len;
- if (this->tunnel && this->tunnel->is_sync_sa(this->tunnel, ike_sa))
+ if (this->tunnel && this->tunnel->is_sa(this->tunnel, ike_sa))
{ /* do not sync SA between nodes */
return TRUE;
}
return TRUE;
}
- m = ha_sync_message_create(HA_SYNC_IKE_ADD);
- m->add_attribute(m, HA_SYNC_IKE_ID, ike_sa->get_id(ike_sa));
+ m = ha_message_create(HA_IKE_ADD);
+ m->add_attribute(m, HA_IKE_ID, ike_sa->get_id(ike_sa));
if (rekey)
{
keymat_t *keymat;
keymat = rekey->get_keymat(rekey);
- m->add_attribute(m, HA_SYNC_IKE_REKEY_ID, rekey->get_id(rekey));
- m->add_attribute(m, HA_SYNC_ALG_OLD_PRF, keymat->get_skd(keymat, &skd));
- m->add_attribute(m, HA_SYNC_OLD_SKD, skd);
+ m->add_attribute(m, HA_IKE_REKEY_ID, rekey->get_id(rekey));
+ m->add_attribute(m, HA_ALG_OLD_PRF, keymat->get_skd(keymat, &skd));
+ m->add_attribute(m, HA_OLD_SKD, skd);
}
proposal = ike_sa->get_proposal(ike_sa);
if (proposal->get_algorithm(proposal, ENCRYPTION_ALGORITHM, &alg, &len))
{
- m->add_attribute(m, HA_SYNC_ALG_ENCR, alg);
+ m->add_attribute(m, HA_ALG_ENCR, alg);
if (len)
{
- m->add_attribute(m, HA_SYNC_ALG_ENCR_LEN, len);
+ m->add_attribute(m, HA_ALG_ENCR_LEN, len);
}
}
if (proposal->get_algorithm(proposal, INTEGRITY_ALGORITHM, &alg, NULL))
{
- m->add_attribute(m, HA_SYNC_ALG_INTEG, alg);
+ m->add_attribute(m, HA_ALG_INTEG, alg);
}
if (proposal->get_algorithm(proposal, PSEUDO_RANDOM_FUNCTION, &alg, NULL))
{
- m->add_attribute(m, HA_SYNC_ALG_PRF, alg);
+ m->add_attribute(m, HA_ALG_PRF, alg);
}
- m->add_attribute(m, HA_SYNC_NONCE_I, nonce_i);
- m->add_attribute(m, HA_SYNC_NONCE_R, nonce_r);
- m->add_attribute(m, HA_SYNC_SECRET, secret);
+ m->add_attribute(m, HA_NONCE_I, nonce_i);
+ m->add_attribute(m, HA_NONCE_R, nonce_r);
+ m->add_attribute(m, HA_SECRET, secret);
chunk_clear(&secret);
this->socket->push(this->socket, m);
/**
* Implementation of listener_t.ike_state_change
*/
-static bool ike_state_change(private_ha_sync_ike_t *this, ike_sa_t *ike_sa,
+static bool ike_state_change(private_ha_ike_t *this, ike_sa_t *ike_sa,
ike_sa_state_t state)
{
- ha_sync_message_t *m;
+ ha_message_t *m;
if (ike_sa->get_state(ike_sa) == IKE_PASSIVE)
{ /* only sync active IKE_SAs */
return TRUE;
}
- if (this->tunnel && this->tunnel->is_sync_sa(this->tunnel, ike_sa))
+ if (this->tunnel && this->tunnel->is_sa(this->tunnel, ike_sa))
{ /* do not sync SA between nodes */
return TRUE;
}
eap_id = ike_sa->get_eap_identity(ike_sa);
id = ike_sa->get_id(ike_sa);
- m = ha_sync_message_create(HA_SYNC_IKE_UPDATE);
- m->add_attribute(m, HA_SYNC_IKE_ID, id);
- m->add_attribute(m, HA_SYNC_LOCAL_ID, ike_sa->get_my_id(ike_sa));
- m->add_attribute(m, HA_SYNC_REMOTE_ID, ike_sa->get_other_id(ike_sa));
- m->add_attribute(m, HA_SYNC_LOCAL_ADDR, ike_sa->get_my_host(ike_sa));
- m->add_attribute(m, HA_SYNC_REMOTE_ADDR, ike_sa->get_other_host(ike_sa));
- m->add_attribute(m, HA_SYNC_CONDITIONS, condition);
- m->add_attribute(m, HA_SYNC_EXTENSIONS, extension);
- m->add_attribute(m, HA_SYNC_CONFIG_NAME, peer_cfg->get_name(peer_cfg));
+ m = ha_message_create(HA_IKE_UPDATE);
+ m->add_attribute(m, HA_IKE_ID, id);
+ m->add_attribute(m, HA_LOCAL_ID, ike_sa->get_my_id(ike_sa));
+ m->add_attribute(m, HA_REMOTE_ID, ike_sa->get_other_id(ike_sa));
+ m->add_attribute(m, HA_LOCAL_ADDR, ike_sa->get_my_host(ike_sa));
+ m->add_attribute(m, HA_REMOTE_ADDR, ike_sa->get_other_host(ike_sa));
+ m->add_attribute(m, HA_CONDITIONS, condition);
+ m->add_attribute(m, HA_EXTENSIONS, extension);
+ m->add_attribute(m, HA_CONFIG_NAME, peer_cfg->get_name(peer_cfg));
if (eap_id)
{
- m->add_attribute(m, HA_SYNC_EAP_ID, eap_id);
+ m->add_attribute(m, HA_EAP_ID, eap_id);
}
iterator = ike_sa->create_additional_address_iterator(ike_sa);
while (iterator->iterate(iterator, (void**)&addr))
{
- m->add_attribute(m, HA_SYNC_ADDITIONAL_ADDR, addr);
+ m->add_attribute(m, HA_ADDITIONAL_ADDR, addr);
}
iterator->destroy(iterator);
break;
}
case IKE_DESTROYING:
{
- m = ha_sync_message_create(HA_SYNC_IKE_DELETE);
- m->add_attribute(m, HA_SYNC_IKE_ID, ike_sa->get_id(ike_sa));
+ m = ha_message_create(HA_IKE_DELETE);
+ m->add_attribute(m, HA_IKE_ID, ike_sa->get_id(ike_sa));
break;
}
default:
/**
* Implementation of listener_t.message
*/
-static bool message_hook(private_ha_sync_ike_t *this, ike_sa_t *ike_sa,
+static bool message_hook(private_ha_ike_t *this, ike_sa_t *ike_sa,
message_t *message, bool incoming)
{
- if (this->tunnel && this->tunnel->is_sync_sa(this->tunnel, ike_sa))
+ if (this->tunnel && this->tunnel->is_sa(this->tunnel, ike_sa))
{ /* do not sync SA between nodes */
return TRUE;
}
if (message->get_exchange_type(message) != IKE_SA_INIT &&
message->get_request(message))
{ /* we sync on requests, but skip it on IKE_SA_INIT */
- ha_sync_message_t *m;
+ ha_message_t *m;
u_int32_t mid;
- m = ha_sync_message_create(HA_SYNC_IKE_UPDATE);
- m->add_attribute(m, HA_SYNC_IKE_ID, ike_sa->get_id(ike_sa));
+ m = ha_message_create(HA_IKE_UPDATE);
+ m->add_attribute(m, HA_IKE_ID, ike_sa->get_id(ike_sa));
mid = message->get_message_id(message) + 1;
if (incoming)
{
- m->add_attribute(m, HA_SYNC_RESPOND_MID, mid);
+ m->add_attribute(m, HA_RESPOND_MID, mid);
}
else
{
- m->add_attribute(m, HA_SYNC_INITIATE_MID, mid);
+ m->add_attribute(m, HA_INITIATE_MID, mid);
}
this->socket->push(this->socket, m);
}
{ /* After IKE_SA has been established, sync peers virtual IP.
* We cannot sync it in the state_change hook, it is installed later.
* TODO: where to sync local VIP? */
- ha_sync_message_t *m;
+ ha_message_t *m;
host_t *vip;
vip = ike_sa->get_virtual_ip(ike_sa, FALSE);
if (vip)
{
- m = ha_sync_message_create(HA_SYNC_IKE_UPDATE);
- m->add_attribute(m, HA_SYNC_IKE_ID, ike_sa->get_id(ike_sa));
- m->add_attribute(m, HA_SYNC_REMOTE_VIP, vip);
+ m = ha_message_create(HA_IKE_UPDATE);
+ m->add_attribute(m, HA_IKE_ID, ike_sa->get_id(ike_sa));
+ m->add_attribute(m, HA_REMOTE_VIP, vip);
this->socket->push(this->socket, m);
}
}
}
/**
- * Implementation of ha_sync_ike_t.destroy.
+ * Implementation of ha_ike_t.destroy.
*/
-static void destroy(private_ha_sync_ike_t *this)
+static void destroy(private_ha_ike_t *this)
{
free(this);
}
/**
* See header
*/
-ha_sync_ike_t *ha_sync_ike_create(ha_sync_socket_t *socket,
- ha_sync_tunnel_t *tunnel)
+ha_ike_t *ha_ike_create(ha_socket_t *socket, ha_tunnel_t *tunnel)
{
- private_ha_sync_ike_t *this = malloc_thing(private_ha_sync_ike_t);
+ private_ha_ike_t *this = malloc_thing(private_ha_ike_t);
memset(&this->public.listener, 0, sizeof(listener_t));
this->public.listener.ike_keys = (bool(*)(listener_t*, ike_sa_t *ike_sa, diffie_hellman_t *dh,chunk_t nonce_i, chunk_t nonce_r, ike_sa_t *rekey))ike_keys;
this->public.listener.ike_state_change = (bool(*)(listener_t*,ike_sa_t *ike_sa, ike_sa_state_t state))ike_state_change;
this->public.listener.message = (bool(*)(listener_t*, ike_sa_t *, message_t *,bool))message_hook;
- this->public.destroy = (void(*)(ha_sync_ike_t*))destroy;
+ this->public.destroy = (void(*)(ha_ike_t*))destroy;
this->socket = socket;
this->tunnel = tunnel;
*/
/**
- * @defgroup ha_sync_ike ha_sync_ike
- * @{ @ingroup ha_sync
+ * @defgroup ha_ike ha_ike
+ * @{ @ingroup ha
*/
-#ifndef HA_SYNC_IKE_H_
-#define HA_SYNC_IKE_H_
+#ifndef HA_IKE_H_
+#define HA_IKE_H_
-#include "ha_sync_socket.h"
-#include "ha_sync_tunnel.h"
-#include "ha_sync_segments.h"
+#include "ha_socket.h"
+#include "ha_tunnel.h"
+#include "ha_segments.h"
#include <daemon.h>
-typedef struct ha_sync_ike_t ha_sync_ike_t;
+typedef struct ha_ike_t ha_ike_t;
/**
* Listener to synchronize IKE_SAs.
*/
-struct ha_sync_ike_t {
+struct ha_ike_t {
/**
* Implements bus listener interface.
listener_t listener;
/**
- * Destroy a ha_sync_ike_t.
+ * Destroy a ha_ike_t.
*/
- void (*destroy)(ha_sync_ike_t *this);
+ void (*destroy)(ha_ike_t *this);
};
/**
- * Create a ha_sync_ike instance.
+ * Create a ha_ike instance.
*
* @param socket socket to use for sending synchronization messages
* @param tunnel tunnel securing sync messages, if any
* @return IKE listener
*/
-ha_sync_ike_t *ha_sync_ike_create(ha_sync_socket_t *socket,
- ha_sync_tunnel_t *tunnel);
+ha_ike_t *ha_ike_create(ha_socket_t *socket, ha_tunnel_t *tunnel);
-#endif /* HA_SYNC_IKE_ @}*/
+#endif /* HA_IKE_ @}*/
* for more details.
*/
-#include "ha_sync_kernel.h"
+#include "ha_kernel.h"
typedef u_int32_t u32;
typedef u_int8_t u8;
#include <sys/stat.h>
#include <fcntl.h>
-typedef struct private_ha_sync_kernel_t private_ha_sync_kernel_t;
+typedef struct private_ha_kernel_t private_ha_kernel_t;
/**
- * Private data of an ha_sync_kernel_t object.
+ * Private data of an ha_kernel_t object.
*/
-struct private_ha_sync_kernel_t {
+struct private_ha_kernel_t {
/**
- * Public ha_sync_kernel_t interface.
+ * Public ha_kernel_t interface.
*/
- ha_sync_kernel_t public;
+ ha_kernel_t public;
/**
* Init value for jhash
};
/**
- * Implementation of ha_sync_kernel_t.in_segment
+ * Implementation of ha_kernel_t.in_segment
*/
-static bool in_segment(private_ha_sync_kernel_t *this,
- host_t *host, u_int segment)
+static bool in_segment(private_ha_kernel_t *this, host_t *host, u_int segment)
{
if (host->get_family(host) == AF_INET)
{
/**
* Activate/Deactivate a segment
*/
-static void activate_deactivate(private_ha_sync_kernel_t *this,
+static void activate_deactivate(private_ha_kernel_t *this,
u_int segment, char op)
{
enumerator_t *enumerator;
}
/**
- * Implementation of ha_sync_kernel_t.activate
+ * Implementation of ha_kernel_t.activate
*/
-static void activate(private_ha_sync_kernel_t *this, u_int segment)
+static void activate(private_ha_kernel_t *this, u_int segment)
{
activate_deactivate(this, segment, '+');
}
/**
- * Implementation of ha_sync_kernel_t.deactivate
+ * Implementation of ha_kernel_t.deactivate
*/
-static void deactivate(private_ha_sync_kernel_t *this, u_int segment)
+static void deactivate(private_ha_kernel_t *this, u_int segment)
{
activate_deactivate(this, segment, '-');
}
/**
* Mangle IPtable rules for virtual addresses
*/
-static bool mangle_rules(private_ha_sync_kernel_t *this, bool add)
+static bool mangle_rules(private_ha_kernel_t *this, bool add)
{
enumerator_t *enumerator;
host_t *host;
/**
* Parse the list of virtual cluster addresses
*/
-static void parse_virtuals(private_ha_sync_kernel_t *this, char *virtual)
+static void parse_virtuals(private_ha_kernel_t *this, char *virtual)
{
enumerator_t *enumerator;
host_t *host;
}
/**
- * Implementation of ha_sync_kernel_t.destroy.
+ * Implementation of ha_kernel_t.destroy.
*/
-static void destroy(private_ha_sync_kernel_t *this)
+static void destroy(private_ha_kernel_t *this)
{
mangle_rules(this, FALSE);
this->virtuals->destroy_offset(this->virtuals, offsetof(host_t, destroy));
/**
* See header
*/
-ha_sync_kernel_t *ha_sync_kernel_create(u_int count, char *virtuals)
+ha_kernel_t *ha_kernel_create(u_int count, char *virtuals)
{
- private_ha_sync_kernel_t *this = malloc_thing(private_ha_sync_kernel_t);
+ private_ha_kernel_t *this = malloc_thing(private_ha_kernel_t);
- this->public.in_segment = (bool(*)(ha_sync_kernel_t*, host_t *host, u_int segment))in_segment;
- this->public.activate = (void(*)(ha_sync_kernel_t*, u_int segment))activate;
- this->public.deactivate = (void(*)(ha_sync_kernel_t*, u_int segment))deactivate;
- this->public.destroy = (void(*)(ha_sync_kernel_t*))destroy;
+ this->public.in_segment = (bool(*)(ha_kernel_t*, host_t *host, u_int segment))in_segment;
+ this->public.activate = (void(*)(ha_kernel_t*, u_int segment))activate;
+ this->public.deactivate = (void(*)(ha_kernel_t*, u_int segment))deactivate;
+ this->public.destroy = (void(*)(ha_kernel_t*))destroy;
this->initval = 0;
this->count = count;
*/
/**
- * @defgroup ha_sync_kernel ha_sync_kernel
- * @{ @ingroup ha_sync
+ * @defgroup ha_kernel ha_kernel
+ * @{ @ingroup ha
*/
-#ifndef HA_SYNC_KERNEL_H_
-#define HA_SYNC_KERNEL_H_
+#ifndef HA_KERNEL_H_
+#define HA_KERNEL_H_
-typedef struct ha_sync_kernel_t ha_sync_kernel_t;
+typedef struct ha_kernel_t ha_kernel_t;
-#include "ha_sync_segments.h"
+#include "ha_segments.h"
/**
- * HA sync segment kernel configuration interface.
+ * HA segment kernel configuration interface.
*/
-struct ha_sync_kernel_t {
+struct ha_kernel_t {
/**
* Check if a host is in a segment.
* @param segment segment
* @return TRUE if host belongs to segment
*/
- bool (*in_segment)(ha_sync_kernel_t *this, host_t *host, u_int segment);
+ bool (*in_segment)(ha_kernel_t *this, host_t *host, u_int segment);
/**
* Activate a segment at kernel level for all cluster addresses.
*
* @param segment segment to activate
*/
- void (*activate)(ha_sync_kernel_t *this, u_int segment);
+ void (*activate)(ha_kernel_t *this, u_int segment);
/**
* Deactivate a segment at kernel level for all cluster addresses.
*
* @param segment segment to deactivate
*/
- void (*deactivate)(ha_sync_kernel_t *this, u_int segment);
+ void (*deactivate)(ha_kernel_t *this, u_int segment);
/**
- * Destroy a ha_sync_kernel_t.
+ * Destroy a ha_kernel_t.
*/
- void (*destroy)(ha_sync_kernel_t *this);
+ void (*destroy)(ha_kernel_t *this);
};
/**
- * Create a ha_sync_kernel instance.
+ * Create a ha_kernel instance.
*
* @param count total number of segments to use
* @param active bitmask of initially active segments
* @param virtuals comma separated list of virtual cluster addresses
*/
-ha_sync_kernel_t *ha_sync_kernel_create(u_int count, char *virtuals);
+ha_kernel_t *ha_kernel_create(u_int count, char *virtuals);
-#endif /* HA_SYNC_KERNEL_ @}*/
+#endif /* HA_KERNEL_ @}*/
#include <string.h>
#include <arpa/inet.h>
-#include "ha_sync_message.h"
+#include "ha_message.h"
#include <daemon.h>
#define ALLOCATION_BLOCK 64
-typedef struct private_ha_sync_message_t private_ha_sync_message_t;
+typedef struct private_ha_message_t private_ha_message_t;
/**
- * Private data of an ha_sync_message_t object.
+ * Private data of an ha_message_t object.
*/
-struct private_ha_sync_message_t {
+struct private_ha_message_t {
/**
- * Public ha_sync_message_t interface.
+ * Public ha_message_t interface.
*/
- ha_sync_message_t public;
+ ha_message_t public;
/**
* Allocated size of buf
} __attribute__((packed));
/**
- * Implementation of ha_sync_message_t.get_type
+ * Implementation of ha_message_t.get_type
*/
-static ha_sync_message_type_t get_type(private_ha_sync_message_t *this)
+static ha_message_type_t get_type(private_ha_message_t *this)
{
return this->buf.ptr[1];
}
/**
* check for space in buffer, increase if necessary
*/
-static void check_buf(private_ha_sync_message_t *this, size_t len)
+static void check_buf(private_ha_message_t *this, size_t len)
{
int increased = 0;
}
/**
- * Implementation of ha_sync_message_t.add_attribute
+ * Implementation of ha_message_t.add_attribute
*/
-static void add_attribute(private_ha_sync_message_t *this,
- ha_sync_message_attribute_t attribute, ...)
+static void add_attribute(private_ha_message_t *this,
+ ha_message_attribute_t attribute, ...)
{
size_t len;
va_list args;
switch (attribute)
{
/* ike_sa_id_t* */
- case HA_SYNC_IKE_ID:
- case HA_SYNC_IKE_REKEY_ID:
+ case HA_IKE_ID:
+ case HA_IKE_REKEY_ID:
{
ike_sa_id_encoding_t *enc;
ike_sa_id_t *id;
break;
}
/* identification_t* */
- case HA_SYNC_LOCAL_ID:
- case HA_SYNC_REMOTE_ID:
- case HA_SYNC_EAP_ID:
+ case HA_LOCAL_ID:
+ case HA_REMOTE_ID:
+ case HA_EAP_ID:
{
identification_encoding_t *enc;
identification_t *id;
break;
}
/* host_t* */
- case HA_SYNC_LOCAL_ADDR:
- case HA_SYNC_REMOTE_ADDR:
- case HA_SYNC_LOCAL_VIP:
- case HA_SYNC_REMOTE_VIP:
- case HA_SYNC_ADDITIONAL_ADDR:
+ case HA_LOCAL_ADDR:
+ case HA_REMOTE_ADDR:
+ case HA_LOCAL_VIP:
+ case HA_REMOTE_VIP:
+ case HA_ADDITIONAL_ADDR:
{
host_encoding_t *enc;
host_t *host;
break;
}
/* char* */
- case HA_SYNC_CONFIG_NAME:
+ case HA_CONFIG_NAME:
{
char *str;
break;
}
/* u_int8_t */
- case HA_SYNC_IPSEC_MODE:
- case HA_SYNC_IPCOMP:
+ case HA_IPSEC_MODE:
+ case HA_IPCOMP:
{
u_int8_t val;
break;
}
/* u_int16_t */
- case HA_SYNC_ALG_PRF:
- case HA_SYNC_ALG_OLD_PRF:
- case HA_SYNC_ALG_ENCR:
- case HA_SYNC_ALG_ENCR_LEN:
- case HA_SYNC_ALG_INTEG:
- case HA_SYNC_INBOUND_CPI:
- case HA_SYNC_OUTBOUND_CPI:
- case HA_SYNC_SEGMENT:
+ case HA_ALG_PRF:
+ case HA_ALG_OLD_PRF:
+ case HA_ALG_ENCR:
+ case HA_ALG_ENCR_LEN:
+ case HA_ALG_INTEG:
+ case HA_INBOUND_CPI:
+ case HA_OUTBOUND_CPI:
+ case HA_SEGMENT:
{
u_int16_t val;
break;
}
/** u_int32_t */
- case HA_SYNC_CONDITIONS:
- case HA_SYNC_EXTENSIONS:
- case HA_SYNC_INBOUND_SPI:
- case HA_SYNC_OUTBOUND_SPI:
- case HA_SYNC_INITIATE_MID:
- case HA_SYNC_RESPOND_MID:
+ case HA_CONDITIONS:
+ case HA_EXTENSIONS:
+ case HA_INBOUND_SPI:
+ case HA_OUTBOUND_SPI:
+ case HA_INITIATE_MID:
+ case HA_RESPOND_MID:
{
u_int32_t val;
break;
}
/** chunk_t */
- case HA_SYNC_NONCE_I:
- case HA_SYNC_NONCE_R:
- case HA_SYNC_SECRET:
- case HA_SYNC_OLD_SKD:
+ case HA_NONCE_I:
+ case HA_NONCE_R:
+ case HA_SECRET:
+ case HA_OLD_SKD:
{
chunk_t chunk;
break;
}
/** traffic_selector_t */
- case HA_SYNC_LOCAL_TS:
- case HA_SYNC_REMOTE_TS:
+ case HA_LOCAL_TS:
+ case HA_REMOTE_TS:
{
ts_encoding_t *enc;
traffic_selector_t *ts;
* Implementation of create_attribute_enumerator().enumerate
*/
static bool attribute_enumerate(attribute_enumerator_t *this,
- ha_sync_message_attribute_t *attr_out,
- ha_sync_message_value_t *value)
+ ha_message_attribute_t *attr_out,
+ ha_message_value_t *value)
{
- ha_sync_message_attribute_t attr;
+ ha_message_attribute_t attr;
if (this->cleanup)
{
switch (attr)
{
/* ike_sa_id_t* */
- case HA_SYNC_IKE_ID:
- case HA_SYNC_IKE_REKEY_ID:
+ case HA_IKE_ID:
+ case HA_IKE_REKEY_ID:
{
ike_sa_id_encoding_t *enc;
return TRUE;
}
/* identification_t* */
- case HA_SYNC_LOCAL_ID:
- case HA_SYNC_REMOTE_ID:
- case HA_SYNC_EAP_ID:
+ case HA_LOCAL_ID:
+ case HA_REMOTE_ID:
+ case HA_EAP_ID:
{
identification_encoding_t *enc;
return TRUE;
}
/* host_t* */
- case HA_SYNC_LOCAL_ADDR:
- case HA_SYNC_REMOTE_ADDR:
- case HA_SYNC_LOCAL_VIP:
- case HA_SYNC_REMOTE_VIP:
- case HA_SYNC_ADDITIONAL_ADDR:
+ case HA_LOCAL_ADDR:
+ case HA_REMOTE_ADDR:
+ case HA_LOCAL_VIP:
+ case HA_REMOTE_VIP:
+ case HA_ADDITIONAL_ADDR:
{
host_encoding_t *enc;
return TRUE;
}
/* char* */
- case HA_SYNC_CONFIG_NAME:
+ case HA_CONFIG_NAME:
{
size_t len;
return TRUE;
}
/* u_int8_t */
- case HA_SYNC_IPSEC_MODE:
- case HA_SYNC_IPCOMP:
+ case HA_IPSEC_MODE:
+ case HA_IPCOMP:
{
if (this->buf.len < sizeof(u_int8_t))
{
return TRUE;
}
/** u_int16_t */
- case HA_SYNC_ALG_PRF:
- case HA_SYNC_ALG_OLD_PRF:
- case HA_SYNC_ALG_ENCR:
- case HA_SYNC_ALG_ENCR_LEN:
- case HA_SYNC_ALG_INTEG:
- case HA_SYNC_INBOUND_CPI:
- case HA_SYNC_OUTBOUND_CPI:
- case HA_SYNC_SEGMENT:
+ case HA_ALG_PRF:
+ case HA_ALG_OLD_PRF:
+ case HA_ALG_ENCR:
+ case HA_ALG_ENCR_LEN:
+ case HA_ALG_INTEG:
+ case HA_INBOUND_CPI:
+ case HA_OUTBOUND_CPI:
+ case HA_SEGMENT:
{
if (this->buf.len < sizeof(u_int16_t))
{
return TRUE;
}
/** u_int32_t */
- case HA_SYNC_CONDITIONS:
- case HA_SYNC_EXTENSIONS:
- case HA_SYNC_INBOUND_SPI:
- case HA_SYNC_OUTBOUND_SPI:
- case HA_SYNC_INITIATE_MID:
- case HA_SYNC_RESPOND_MID:
+ case HA_CONDITIONS:
+ case HA_EXTENSIONS:
+ case HA_INBOUND_SPI:
+ case HA_OUTBOUND_SPI:
+ case HA_INITIATE_MID:
+ case HA_RESPOND_MID:
{
if (this->buf.len < sizeof(u_int32_t))
{
return TRUE;
}
/** chunk_t */
- case HA_SYNC_NONCE_I:
- case HA_SYNC_NONCE_R:
- case HA_SYNC_SECRET:
- case HA_SYNC_OLD_SKD:
+ case HA_NONCE_I:
+ case HA_NONCE_R:
+ case HA_SECRET:
+ case HA_OLD_SKD:
{
size_t len;
this->buf = chunk_skip(this->buf, len);
return TRUE;
}
- case HA_SYNC_LOCAL_TS:
- case HA_SYNC_REMOTE_TS:
+ case HA_LOCAL_TS:
+ case HA_REMOTE_TS:
{
ts_encoding_t *enc;
host_t *host;
}
/**
- * Implementation of ha_sync_message_t.create_attribute_enumerator
+ * Implementation of ha_message_t.create_attribute_enumerator
*/
-static enumerator_t* create_attribute_enumerator(private_ha_sync_message_t *this)
+static enumerator_t* create_attribute_enumerator(private_ha_message_t *this)
{
attribute_enumerator_t *e = malloc_thing(attribute_enumerator_t);
}
/**
- * Implementation of ha_sync_message_t.get_encoding
+ * Implementation of ha_message_t.get_encoding
*/
-static chunk_t get_encoding(private_ha_sync_message_t *this)
+static chunk_t get_encoding(private_ha_message_t *this)
{
return this->buf;
}
/**
- * Implementation of ha_sync_message_t.destroy.
+ * Implementation of ha_message_t.destroy.
*/
-static void destroy(private_ha_sync_message_t *this)
+static void destroy(private_ha_message_t *this)
{
free(this->buf.ptr);
free(this);
}
-static private_ha_sync_message_t *ha_sync_message_create_generic()
+static private_ha_message_t *ha_message_create_generic()
{
- private_ha_sync_message_t *this = malloc_thing(private_ha_sync_message_t);
+ private_ha_message_t *this = malloc_thing(private_ha_message_t);
- this->public.get_type = (ha_sync_message_type_t(*)(ha_sync_message_t*))get_type;
- this->public.add_attribute = (void(*)(ha_sync_message_t*, ha_sync_message_attribute_t attribute, ...))add_attribute;
- this->public.create_attribute_enumerator = (enumerator_t*(*)(ha_sync_message_t*))create_attribute_enumerator;
- this->public.get_encoding = (chunk_t(*)(ha_sync_message_t*))get_encoding;
- this->public.destroy = (void(*)(ha_sync_message_t*))destroy;
+ this->public.get_type = (ha_message_type_t(*)(ha_message_t*))get_type;
+ this->public.add_attribute = (void(*)(ha_message_t*, ha_message_attribute_t attribute, ...))add_attribute;
+ this->public.create_attribute_enumerator = (enumerator_t*(*)(ha_message_t*))create_attribute_enumerator;
+ this->public.get_encoding = (chunk_t(*)(ha_message_t*))get_encoding;
+ this->public.destroy = (void(*)(ha_message_t*))destroy;
return this;
}
/**
* See header
*/
-ha_sync_message_t *ha_sync_message_create(ha_sync_message_type_t type)
+ha_message_t *ha_message_create(ha_message_type_t type)
{
- private_ha_sync_message_t *this = ha_sync_message_create_generic();
+ private_ha_message_t *this = ha_message_create_generic();
this->allocated = ALLOCATION_BLOCK;
this->buf.ptr = malloc(this->allocated);
this->buf.len = 2;
- this->buf.ptr[0] = HA_SYNC_MESSAGE_VERSION;
+ this->buf.ptr[0] = HA_MESSAGE_VERSION;
this->buf.ptr[1] = type;
return &this->public;
/**
* See header
*/
-ha_sync_message_t *ha_sync_message_parse(chunk_t data)
+ha_message_t *ha_message_parse(chunk_t data)
{
- private_ha_sync_message_t *this;
+ private_ha_message_t *this;
if (data.len < 2)
{
- DBG1(DBG_CFG, "HA sync message too short");
+ DBG1(DBG_CFG, "HA message too short");
return NULL;
}
- if (data.ptr[0] != HA_SYNC_MESSAGE_VERSION)
+ if (data.ptr[0] != HA_MESSAGE_VERSION)
{
- DBG1(DBG_CFG, "HA sync message has version %d, expected %d",
- data.ptr[0], HA_SYNC_MESSAGE_VERSION);
+ DBG1(DBG_CFG, "HA message has version %d, expected %d",
+ data.ptr[0], HA_MESSAGE_VERSION);
return NULL;
}
- this = ha_sync_message_create_generic();
+ this = ha_message_create_generic();
this->buf = chunk_clone(data);
this->allocated = this->buf.len;
*/
/**
- * @defgroup ha_sync_message ha_sync_message
- * @{ @ingroup ha_sync
+ * @defgroup ha_message ha_message
+ * @{ @ingroup ha
*/
-#ifndef HA_SYNC_MESSAGE_H_
-#define HA_SYNC_MESSAGE_H_
+#ifndef HA_MESSAGE_H_
+#define HA_MESSAGE_H_
#include <library.h>
#include <utils/host.h>
/**
* Protocol version of this implementation
*/
-#define HA_SYNC_MESSAGE_VERSION 1
+#define HA_MESSAGE_VERSION 1
-typedef struct ha_sync_message_t ha_sync_message_t;
-typedef enum ha_sync_message_type_t ha_sync_message_type_t;
-typedef enum ha_sync_message_attribute_t ha_sync_message_attribute_t;
-typedef union ha_sync_message_value_t ha_sync_message_value_t;
+typedef struct ha_message_t ha_message_t;
+typedef enum ha_message_type_t ha_message_type_t;
+typedef enum ha_message_attribute_t ha_message_attribute_t;
+typedef union ha_message_value_t ha_message_value_t;
/**
- * Type of a sync message
+ * Type of a HA message
*/
-enum ha_sync_message_type_t {
+enum ha_message_type_t {
/** add a completely new IKE_SA */
- HA_SYNC_IKE_ADD = 1,
+ HA_IKE_ADD = 1,
/** update an existing IKE_SA (message IDs, address update, ...) */
- HA_SYNC_IKE_UPDATE,
+ HA_IKE_UPDATE,
/** delete an existing IKE_SA */
- HA_SYNC_IKE_DELETE,
+ HA_IKE_DELETE,
/** add a new CHILD_SA */
- HA_SYNC_CHILD_ADD,
+ HA_CHILD_ADD,
/** delete an existing CHILD_SA */
- HA_SYNC_CHILD_DELETE,
+ HA_CHILD_DELETE,
/** segments the sending node is giving up */
- HA_SYNC_SEGMENT_DROP,
+ HA_SEGMENT_DROP,
/** segments the sending node is taking over */
- HA_SYNC_SEGMENT_TAKE,
+ HA_SEGMENT_TAKE,
/** status with the segments the sending node is currently serving */
- HA_SYNC_STATUS,
+ HA_STATUS,
};
/**
* Type of attributes contained in a message
*/
-enum ha_sync_message_attribute_t {
+enum ha_message_attribute_t {
/** ike_sa_id_t*, to identify IKE_SA */
- HA_SYNC_IKE_ID = 1,
+ HA_IKE_ID = 1,
/** ike_Sa_id_t*, identifies IKE_SA which gets rekeyed */
- HA_SYNC_IKE_REKEY_ID,
+ HA_IKE_REKEY_ID,
/** identification_t*, local identity */
- HA_SYNC_LOCAL_ID,
+ HA_LOCAL_ID,
/** identification_t*, remote identity */
- HA_SYNC_REMOTE_ID,
+ HA_REMOTE_ID,
/** identification_t*, EAP identity */
- HA_SYNC_EAP_ID,
+ HA_EAP_ID,
/** host_t*, local address */
- HA_SYNC_LOCAL_ADDR,
+ HA_LOCAL_ADDR,
/** host_t*, remote address */
- HA_SYNC_REMOTE_ADDR,
+ HA_REMOTE_ADDR,
/** char*, name of configuration */
- HA_SYNC_CONFIG_NAME,
+ HA_CONFIG_NAME,
/** u_int32_t, bitset of ike_condition_t */
- HA_SYNC_CONDITIONS,
+ HA_CONDITIONS,
/** u_int32_t, bitset of ike_extension_t */
- HA_SYNC_EXTENSIONS,
+ HA_EXTENSIONS,
/** host_t*, local virtual IP */
- HA_SYNC_LOCAL_VIP,
+ HA_LOCAL_VIP,
/** host_t*, remote virtual IP */
- HA_SYNC_REMOTE_VIP,
+ HA_REMOTE_VIP,
/** host_t*, additional MOBIKE peer address */
- HA_SYNC_ADDITIONAL_ADDR,
+ HA_ADDITIONAL_ADDR,
/** chunk_t, initiators nonce */
- HA_SYNC_NONCE_I,
+ HA_NONCE_I,
/** chunk_t, responders nonce */
- HA_SYNC_NONCE_R,
+ HA_NONCE_R,
/** chunk_t, diffie hellman shared secret */
- HA_SYNC_SECRET,
+ HA_SECRET,
/** chunk_t, SKd of old SA if rekeying */
- HA_SYNC_OLD_SKD,
+ HA_OLD_SKD,
/** u_int16_t, pseudo random function */
- HA_SYNC_ALG_PRF,
+ HA_ALG_PRF,
/** u_int16_t, old pseudo random function if rekeying */
- HA_SYNC_ALG_OLD_PRF,
+ HA_ALG_OLD_PRF,
/** u_int16_t, encryption algorithm */
- HA_SYNC_ALG_ENCR,
+ HA_ALG_ENCR,
/** u_int16_t, encryption key size in bytes */
- HA_SYNC_ALG_ENCR_LEN,
+ HA_ALG_ENCR_LEN,
/** u_int16_t, integrity protection algorithm */
- HA_SYNC_ALG_INTEG,
+ HA_ALG_INTEG,
/** u_int8_t, IPsec mode, TUNNEL|TRANSPORT|... */
- HA_SYNC_IPSEC_MODE,
+ HA_IPSEC_MODE,
/** u_int8_t, IPComp protocol */
- HA_SYNC_IPCOMP,
+ HA_IPCOMP,
/** u_int32_t, inbound security parameter index */
- HA_SYNC_INBOUND_SPI,
+ HA_INBOUND_SPI,
/** u_int32_t, outbound security parameter index */
- HA_SYNC_OUTBOUND_SPI,
+ HA_OUTBOUND_SPI,
/** u_int16_t, inbound security parameter index */
- HA_SYNC_INBOUND_CPI,
+ HA_INBOUND_CPI,
/** u_int16_t, outbound security parameter index */
- HA_SYNC_OUTBOUND_CPI,
+ HA_OUTBOUND_CPI,
/** traffic_selector_t*, local traffic selector */
- HA_SYNC_LOCAL_TS,
+ HA_LOCAL_TS,
/** traffic_selector_t*, remote traffic selector */
- HA_SYNC_REMOTE_TS,
+ HA_REMOTE_TS,
/** u_int32_t, initiating message ID */
- HA_SYNC_INITIATE_MID,
+ HA_INITIATE_MID,
/** u_int32_t, responding message ID */
- HA_SYNC_RESPOND_MID,
- /** u_int16_t, HA sync segment */
- HA_SYNC_SEGMENT,
+ HA_RESPOND_MID,
+ /** u_int16_t, HA segment */
+ HA_SEGMENT,
};
/**
* Union to enumerate typed attributes in a message
*/
-union ha_sync_message_value_t {
+union ha_message_value_t {
u_int8_t u8;
u_int16_t u16;
u_int32_t u32;
/**
* Abstracted message passed between nodes in a HA cluster.
*/
-struct ha_sync_message_t {
+struct ha_message_t {
/**
* Get the type of the message.
*
* @return message type
*/
- ha_sync_message_type_t (*get_type)(ha_sync_message_t *this);
+ ha_message_type_t (*get_type)(ha_message_t *this);
/**
* Add an attribute to a message.
* @param attribute attribute type to add
* @param ... attribute specific data
*/
- void (*add_attribute)(ha_sync_message_t *this,
- ha_sync_message_attribute_t attribute, ...);
+ void (*add_attribute)(ha_message_t *this,
+ ha_message_attribute_t attribute, ...);
/**
* Create an enumerator over all attributes in a message.
*
- * @return enumerator over attribute, ha_sync_message_value_t
+ * @return enumerator over attribute, ha_message_value_t
*/
- enumerator_t* (*create_attribute_enumerator)(ha_sync_message_t *this);
+ enumerator_t* (*create_attribute_enumerator)(ha_message_t *this);
/**
* Get the message in a encoded form.
*
* @return chunk pointing to internal data
*/
- chunk_t (*get_encoding)(ha_sync_message_t *this);
+ chunk_t (*get_encoding)(ha_message_t *this);
/**
- * Destroy a ha_sync_message_t.
+ * Destroy a ha_message_t.
*/
- void (*destroy)(ha_sync_message_t *this);
+ void (*destroy)(ha_message_t *this);
};
/**
- * Create a new ha_sync_message instance, ready for adding attributes
+ * Create a new ha_message instance, ready for adding attributes
*
* @param version protocol version to create a message from
* @param type type of the message
*/
-ha_sync_message_t *ha_sync_message_create(ha_sync_message_type_t type);
+ha_message_t *ha_message_create(ha_message_type_t type);
/**
- * Create a ha_sync_message from encoded data.
+ * Create a ha_message from encoded data.
*
* @param data encoded message data
*/
-ha_sync_message_t *ha_sync_message_parse(chunk_t data);
+ha_message_t *ha_message_parse(chunk_t data);
-#endif /* HA_SYNC_MESSAGE_ @}*/
+#endif /* HA_MESSAGE_ @}*/
* for more details.
*/
-#include "ha_sync_plugin.h"
-#include "ha_sync_ike.h"
-#include "ha_sync_child.h"
-#include "ha_sync_socket.h"
-#include "ha_sync_tunnel.h"
-#include "ha_sync_dispatcher.h"
-#include "ha_sync_segments.h"
-#include "ha_sync_ctl.h"
+#include "ha_plugin.h"
+#include "ha_ike.h"
+#include "ha_child.h"
+#include "ha_socket.h"
+#include "ha_tunnel.h"
+#include "ha_dispatcher.h"
+#include "ha_segments.h"
+#include "ha_ctl.h"
#include <daemon.h>
#include <config/child_cfg.h>
-typedef struct private_ha_sync_plugin_t private_ha_sync_plugin_t;
+typedef struct private_ha_plugin_t private_ha_plugin_t;
/**
- * private data of ha_sync plugin
+ * private data of ha plugin
*/
-struct private_ha_sync_plugin_t {
+struct private_ha_plugin_t {
/**
* implements plugin interface
*/
- ha_sync_plugin_t public;
+ ha_plugin_t public;
/**
* Communication socket
*/
- ha_sync_socket_t *socket;
+ ha_socket_t *socket;
/**
* Tunnel securing sync messages.
*/
- ha_sync_tunnel_t *tunnel;
+ ha_tunnel_t *tunnel;
/**
* IKE_SA synchronization
*/
- ha_sync_ike_t *ike;
+ ha_ike_t *ike;
/**
* CHILD_SA synchronization
*/
- ha_sync_child_t *child;
+ ha_child_t *child;
/**
* Dispatcher to process incoming messages
*/
- ha_sync_dispatcher_t *dispatcher;
+ ha_dispatcher_t *dispatcher;
/**
* Active/Passive segment management
*/
- ha_sync_segments_t *segments;
+ ha_segments_t *segments;
/**
* Interface to control segments at kernel level
*/
- ha_sync_kernel_t *kernel;
+ ha_kernel_t *kernel;
/**
* Segment control interface via FIFO
*/
- ha_sync_ctl_t *ctl;
+ ha_ctl_t *ctl;
};
/**
* Implementation of plugin_t.destroy
*/
-static void destroy(private_ha_sync_plugin_t *this)
+static void destroy(private_ha_plugin_t *this)
{
DESTROY_IF(this->ctl);
charon->bus->remove_listener(charon->bus, &this->segments->listener);
*/
plugin_t *plugin_create()
{
- private_ha_sync_plugin_t *this;
+ private_ha_plugin_t *this;
char *local, *remote, *secret, *virtuals;
u_int count;
bool fifo;
local = lib->settings->get_str(lib->settings,
- "charon.plugins.ha_sync.local", NULL);
+ "charon.plugins.ha.local", NULL);
remote = lib->settings->get_str(lib->settings,
- "charon.plugins.ha_sync.remote", NULL);
+ "charon.plugins.ha.remote", NULL);
virtuals = lib->settings->get_str(lib->settings,
- "charon.plugins.ha_sync.virtuals", "");
+ "charon.plugins.ha.virtuals", "");
secret = lib->settings->get_str(lib->settings,
- "charon.plugins.ha_sync.secret", NULL);
+ "charon.plugins.ha.secret", NULL);
fifo = lib->settings->get_bool(lib->settings,
- "charon.plugins.ha_sync.fifo_interface", FALSE);
+ "charon.plugins.ha.fifo_interface", FALSE);
count = min(SEGMENTS_MAX, lib->settings->get_int(lib->settings,
- "charon.plugins.ha_sync.segment_count", 1));
+ "charon.plugins.ha.segment_count", 1));
if (!local || !remote)
{
- DBG1(DBG_CFG, "HA sync config misses local/remote address");
+ DBG1(DBG_CFG, "HA config misses local/remote address");
return NULL;
}
- this = malloc_thing(private_ha_sync_plugin_t);
+ this = malloc_thing(private_ha_plugin_t);
this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
this->tunnel = NULL;
this->ctl = NULL;
- this->socket = ha_sync_socket_create(local, remote);
+ this->socket = ha_socket_create(local, remote);
if (!this->socket)
{
free(this);
return NULL;
}
- this->kernel = ha_sync_kernel_create(count, virtuals);
+ this->kernel = ha_kernel_create(count, virtuals);
if (!this->kernel)
{
this->socket->destroy(this->socket);
if (secret)
{
- this->tunnel = ha_sync_tunnel_create(local, remote, secret);
+ this->tunnel = ha_tunnel_create(local, remote, secret);
}
- this->segments = ha_sync_segments_create(this->socket, this->kernel,
+ this->segments = ha_segments_create(this->socket, this->kernel,
this->tunnel, local, remote, count);
if (fifo)
{
- this->ctl = ha_sync_ctl_create(this->segments);
+ this->ctl = ha_ctl_create(this->segments);
}
- this->dispatcher = ha_sync_dispatcher_create(this->socket, this->segments);
- this->ike = ha_sync_ike_create(this->socket, this->tunnel);
- this->child = ha_sync_child_create(this->socket, this->tunnel);
+ this->dispatcher = ha_dispatcher_create(this->socket, this->segments);
+ this->ike = ha_ike_create(this->socket, this->tunnel);
+ this->child = ha_child_create(this->socket, this->tunnel);
charon->bus->add_listener(charon->bus, &this->segments->listener);
charon->bus->add_listener(charon->bus, &this->ike->listener);
charon->bus->add_listener(charon->bus, &this->child->listener);
*/
/**
- * @defgroup ha_sync ha_sync
+ * @defgroup ha ha
* @ingroup cplugins
*
- * @defgroup ha_sync_plugin ha_sync_plugin
- * @{ @ingroup ha_sync
+ * @defgroup ha_plugin ha_plugin
+ * @{ @ingroup ha
*/
-#ifndef HA_SYNC_PLUGIN_H_
-#define HA_SYNC_PLUGIN_H_
+#ifndef HA_PLUGIN_H_
+#define HA_PLUGIN_H_
#include <plugins/plugin.h>
/**
* UDP port we use for communication
*/
-#define HA_SYNC_PORT 4510
+#define HA_PORT 4510
-typedef struct ha_sync_plugin_t ha_sync_plugin_t;
+typedef struct ha_plugin_t ha_plugin_t;
/**
* Plugin to synchronize state in a high availability cluster.
*/
-struct ha_sync_plugin_t {
+struct ha_plugin_t {
/**
* implements plugin interface
};
/**
- * Create a ha_sync_plugin instance.
+ * Create a ha_plugin instance.
*/
plugin_t *plugin_create();
-#endif /* HA_SYNC_PLUGIN_H_ @}*/
+#endif /* HA_PLUGIN_H_ @}*/
* for more details.
*/
-#include "ha_sync_segments.h"
+#include "ha_segments.h"
#include <utils/mutex.h>
#include <utils/linked_list.h>
#include <processing/jobs/callback_job.h>
-typedef struct private_ha_sync_segments_t private_ha_sync_segments_t;
+typedef struct private_ha_segments_t private_ha_segments_t;
/**
- * Private data of an ha_sync_segments_t object.
+ * Private data of an ha_segments_t object.
*/
-struct private_ha_sync_segments_t {
+struct private_ha_segments_t {
/**
- * Public ha_sync_segments_t interface.
+ * Public ha_segments_t interface.
*/
- ha_sync_segments_t public;
+ ha_segments_t public;
/**
* communication socket
*/
- ha_sync_socket_t *socket;
+ ha_socket_t *socket;
/**
* Sync tunnel, if any
*/
- ha_sync_tunnel_t *tunnel;
+ ha_tunnel_t *tunnel;
/**
* Interface to control segments at kernel level
*/
- ha_sync_kernel_t *kernel;
+ ha_kernel_t *kernel;
/**
* read/write lock for segment manipulation
/**
* Log currently active segments
*/
-static void log_segments(private_ha_sync_segments_t *this, bool activated,
+static void log_segments(private_ha_segments_t *this, bool activated,
u_int segment)
{
char buf[64] = "none", *pos = buf;
pos += snprintf(pos, buf + sizeof(buf) - pos, "%d", i);
}
}
- DBG1(DBG_CFG, "HA sync segment %d %sactivated, now active: %s",
+ DBG1(DBG_CFG, "HA segment %d %sactivated, now active: %s",
segment, activated ? "" : "de", buf);
}
/**
* Enable/Disable a specific segment
*/
-static void enable_disable(private_ha_sync_segments_t *this, u_int segment,
+static void enable_disable(private_ha_segments_t *this, u_int segment,
bool enable, bool notify)
{
ike_sa_t *ike_sa;
enumerator_t *enumerator;
ike_sa_state_t old, new;
- ha_sync_message_t *message = NULL;
- ha_sync_message_type_t type;
+ ha_message_t *message = NULL;
+ ha_message_type_t type;
bool changes = FALSE;
if (segment > this->count)
{
old = IKE_PASSIVE;
new = IKE_ESTABLISHED;
- type = HA_SYNC_SEGMENT_TAKE;
+ type = HA_SEGMENT_TAKE;
if (!(this->active & SEGMENTS_BIT(segment)))
{
this->active |= SEGMENTS_BIT(segment);
{
old = IKE_ESTABLISHED;
new = IKE_PASSIVE;
- type = HA_SYNC_SEGMENT_DROP;
+ type = HA_SEGMENT_DROP;
if (this->active & SEGMENTS_BIT(segment))
{
this->active &= ~SEGMENTS_BIT(segment);
{
continue;
}
- if (this->tunnel && this->tunnel->is_sync_sa(this->tunnel, ike_sa))
+ if (this->tunnel && this->tunnel->is_sa(this->tunnel, ike_sa))
{
continue;
}
if (notify)
{
- message = ha_sync_message_create(type);
- message->add_attribute(message, HA_SYNC_SEGMENT, segment);
+ message = ha_message_create(type);
+ message->add_attribute(message, HA_SEGMENT, segment);
this->socket->push(this->socket, message);
}
}
/**
* Enable/Disable all or a specific segment, do locking
*/
-static void enable_disable_all(private_ha_sync_segments_t *this, u_int segment,
+static void enable_disable_all(private_ha_segments_t *this, u_int segment,
bool enable, bool notify)
{
int i;
}
/**
- * Implementation of ha_sync_segments_t.activate
+ * Implementation of ha_segments_t.activate
*/
-static void activate(private_ha_sync_segments_t *this, u_int segment,
- bool notify)
+static void activate(private_ha_segments_t *this, u_int segment, bool notify)
{
enable_disable_all(this, segment, TRUE, notify);
}
/**
- * Implementation of ha_sync_segments_t.deactivate
+ * Implementation of ha_segments_t.deactivate
*/
-static void deactivate(private_ha_sync_segments_t *this, u_int segment,
- bool notify)
+static void deactivate(private_ha_segments_t *this, u_int segment, bool notify)
{
enable_disable_all(this, segment, FALSE, notify);
}
}
/**
- * Implementation of ha_sync_segments_t.resync
+ * Implementation of ha_segments_t.resync
*/
-static void resync(private_ha_sync_segments_t *this, u_int segment)
+static void resync(private_ha_segments_t *this, u_int segment)
{
ike_sa_t *ike_sa;
enumerator_t *enumerator;
{
this->active &= ~mask;
- DBG1(DBG_CFG, "resyncing HA sync segment %d", segment);
+ DBG1(DBG_CFG, "resyncing HA segment %d", segment);
/* we do the actual rekeying in a seperate loop to avoid rekeying
* an SA twice. */
/**
* Implementation of listener_t.alert
*/
-static bool alert_hook(private_ha_sync_segments_t *this, ike_sa_t *ike_sa,
+static bool alert_hook(private_ha_segments_t *this, ike_sa_t *ike_sa,
alert_t alert, va_list args)
{
if (alert == ALERT_SHUTDOWN_SIGNAL)
}
/**
- * Implementation of ha_sync_segments_t.handle_status
+ * Implementation of ha_segments_t.handle_status
*/
-static void handle_status(private_ha_sync_segments_t *this, segment_mask_t mask)
+static void handle_status(private_ha_segments_t *this, segment_mask_t mask)
{
segment_mask_t missing, overlap;
int i, active = 0;
/**
* Send a status message with our active segments
*/
-static job_requeue_t send_status(private_ha_sync_segments_t *this)
+static job_requeue_t send_status(private_ha_segments_t *this)
{
- ha_sync_message_t *message;
+ ha_message_t *message;
int i;
- message = ha_sync_message_create(HA_SYNC_STATUS);
+ message = ha_message_create(HA_STATUS);
for (i = 1; i <= this->count; i++)
{
if (this->active & SEGMENTS_BIT(i))
{
- message->add_attribute(message, HA_SYNC_SEGMENT, i);
+ message->add_attribute(message, HA_SEGMENT, i);
}
}
}
/**
- * Implementation of ha_sync_segments_t.destroy.
+ * Implementation of ha_segments_t.destroy.
*/
-static void destroy(private_ha_sync_segments_t *this)
+static void destroy(private_ha_segments_t *this)
{
this->lock->destroy(this->lock);
free(this);
/**
* See header
*/
-ha_sync_segments_t *ha_sync_segments_create(ha_sync_socket_t *socket,
- ha_sync_kernel_t *kernel, ha_sync_tunnel_t *tunnel,
- char *local, char *remote, u_int count)
+ha_segments_t *ha_segments_create(ha_socket_t *socket, ha_kernel_t *kernel,
+ ha_tunnel_t *tunnel, char *local, char *remote, u_int count)
{
- private_ha_sync_segments_t *this = malloc_thing(private_ha_sync_segments_t);
+ private_ha_segments_t *this = malloc_thing(private_ha_segments_t);
int i;
memset(&this->public.listener, 0, sizeof(listener_t));
this->public.listener.alert = (bool(*)(listener_t*, ike_sa_t *, alert_t, va_list))alert_hook;
- this->public.activate = (void(*)(ha_sync_segments_t*, u_int segment,bool))activate;
- this->public.deactivate = (void(*)(ha_sync_segments_t*, u_int segment,bool))deactivate;
- this->public.resync = (void(*)(ha_sync_segments_t*, u_int segment))resync;
- this->public.handle_status = (void(*)(ha_sync_segments_t*, segment_mask_t mask))handle_status;
- this->public.destroy = (void(*)(ha_sync_segments_t*))destroy;
+ this->public.activate = (void(*)(ha_segments_t*, u_int segment,bool))activate;
+ this->public.deactivate = (void(*)(ha_segments_t*, u_int segment,bool))deactivate;
+ this->public.resync = (void(*)(ha_segments_t*, u_int segment))resync;
+ this->public.handle_status = (void(*)(ha_segments_t*, segment_mask_t mask))handle_status;
+ this->public.destroy = (void(*)(ha_segments_t*))destroy;
this->socket = socket;
this->tunnel = tunnel;
*/
/**
- * @defgroup ha_sync_segments ha_sync_segments
- * @{ @ingroup ha_sync
+ * @defgroup ha_segments ha_segments
+ * @{ @ingroup ha
*/
-#ifndef HA_SYNC_SEGMENTS_H_
-#define HA_SYNC_SEGMENTS_H_
+#ifndef HA_SEGMENTS_H_
+#define HA_SEGMENTS_H_
#include <daemon.h>
-typedef struct ha_sync_segments_t ha_sync_segments_t;
+typedef struct ha_segments_t ha_segments_t;
typedef u_int16_t segment_mask_t;
*/
#define SEGMENTS_BIT(segment) (0x01 << (segment - 1))
-#include "ha_sync_socket.h"
-#include "ha_sync_tunnel.h"
-#include "ha_sync_kernel.h"
+#include "ha_socket.h"
+#include "ha_tunnel.h"
+#include "ha_kernel.h"
/**
* Segmentation of peers into active and passive.
*/
-struct ha_sync_segments_t {
+struct ha_segments_t {
/**
* Implements listener interface to catch daemon shutdown.
* @param segment numerical segment to takeover, 0 for all
* @param notify wheter to notify other nodes about activation
*/
- void (*activate)(ha_sync_segments_t *this, u_int segment, bool notify);
+ void (*activate)(ha_segments_t *this, u_int segment, bool notify);
/**
* Deactivate a set of IKE_SAs identified by a segment.
* @param segment numerical segment to takeover, 0 for all
* @param notify wheter to notify other nodes about deactivation
*/
- void (*deactivate)(ha_sync_segments_t *this, u_int segment, bool notify);
+ void (*deactivate)(ha_segments_t *this, u_int segment, bool notify);
/**
* Resync an active segment.
*
* @param segment segment to resync
*/
- void (*resync)(ha_sync_segments_t *this, u_int segment);
+ void (*resync)(ha_segments_t *this, u_int segment);
/**
* Handle a status message from the remote node.
*
* @param mask segments the remote node is serving actively
*/
- void (*handle_status)(ha_sync_segments_t *this, segment_mask_t mask);
+ void (*handle_status)(ha_segments_t *this, segment_mask_t mask);
/**
- * Destroy a ha_sync_segments_t.
+ * Destroy a ha_segments_t.
*/
- void (*destroy)(ha_sync_segments_t *this);
+ void (*destroy)(ha_segments_t *this);
};
/**
- * Create a ha_sync_segments instance.
+ * Create a ha_segments instance.
*
* @param socket socket to communicate segment (de-)activation
* @param kernel interface to control segments at kernel level
* @param active bit mask of initially active segments
* @return segment object
*/
-ha_sync_segments_t *ha_sync_segments_create(ha_sync_socket_t *socket,
- ha_sync_kernel_t *kernel, ha_sync_tunnel_t *tunnel,
- char *local, char *remote, u_int count);
+ha_segments_t *ha_segments_create(ha_socket_t *socket, ha_kernel_t *kernel,
+ ha_tunnel_t *tunnel, char *local, char *remote, u_int count);
-#endif /* HA_SYNC_SEGMENTS_ @}*/
+#endif /* HA_SEGMENTS_ @}*/
* for more details.
*/
-#include "ha_sync_socket.h"
-#include "ha_sync_plugin.h"
+#include "ha_socket.h"
+#include "ha_plugin.h"
#include <sys/types.h>
#include <sys/socket.h>
#include <utils/host.h>
#include <processing/jobs/callback_job.h>
-typedef struct private_ha_sync_socket_t private_ha_sync_socket_t;
+typedef struct private_ha_socket_t private_ha_socket_t;
/**
- * Private data of an ha_sync_socket_t object.
+ * Private data of an ha_socket_t object.
*/
-struct private_ha_sync_socket_t {
+struct private_ha_socket_t {
/**
- * Public ha_sync_socket_t interface.
+ * Public ha_socket_t interface.
*/
- ha_sync_socket_t public;
+ ha_socket_t public;
/**
* UDP communication socket fd
* Data to pass to the send_message() callback job
*/
typedef struct {
- ha_sync_message_t *message;
- private_ha_sync_socket_t *this;
+ ha_message_t *message;
+ private_ha_socket_t *this;
} job_data_t;
/**
*/
static job_requeue_t send_message(job_data_t *data)
{
- private_ha_sync_socket_t *this;
+ private_ha_socket_t *this;
chunk_t chunk;
this = data->this;
chunk = data->message->get_encoding(data->message);
if (send(this->fd, chunk.ptr, chunk.len, 0) < chunk.len)
{
- DBG1(DBG_CFG, "pushing HA sync message failed: %s", strerror(errno));
+ DBG1(DBG_CFG, "pushing HA message failed: %s", strerror(errno));
}
return JOB_REQUEUE_NONE;
}
/**
- * Implementation of ha_sync_socket_t.push
+ * Implementation of ha_socket_t.push
*/
-static void push(private_ha_sync_socket_t *this, ha_sync_message_t *message)
+static void push(private_ha_socket_t *this, ha_message_t *message)
{
chunk_t chunk;
charon->processor->queue_job(charon->processor, (job_t*)job);
return;
}
- DBG1(DBG_CFG, "pushing HA sync message failed: %s", strerror(errno));
+ DBG1(DBG_CFG, "pushing HA message failed: %s", strerror(errno));
}
message->destroy(message);
}
/**
- * Implementation of ha_sync_socket_t.pull
+ * Implementation of ha_socket_t.pull
*/
-static ha_sync_message_t *pull(private_ha_sync_socket_t *this)
+static ha_message_t *pull(private_ha_socket_t *this)
{
while (TRUE)
{
- ha_sync_message_t *message;
+ ha_message_t *message;
char buf[1024];
int oldstate;
ssize_t len;
case EINTR:
continue;
default:
- DBG1(DBG_CFG, "pulling HA sync message failed: %s",
+ DBG1(DBG_CFG, "pulling HA message failed: %s",
strerror(errno));
sleep(1);
}
}
- message = ha_sync_message_parse(chunk_create(buf, len));
+ message = ha_message_parse(chunk_create(buf, len));
if (message)
{
return message;
}
/**
- * Open and connect the HA sync socket
+ * Open and connect the HA socket
*/
-static bool open_socket(private_ha_sync_socket_t *this)
+static bool open_socket(private_ha_socket_t *this)
{
this->fd = socket(this->local->get_family(this->local), SOCK_DGRAM, 0);
if (this->fd == -1)
{
- DBG1(DBG_CFG, "opening HA sync socket failed: %s", strerror(errno));
+ DBG1(DBG_CFG, "opening HA socket failed: %s", strerror(errno));
return FALSE;
}
if (bind(this->fd, this->local->get_sockaddr(this->local),
*this->local->get_sockaddr_len(this->local)) == -1)
{
- DBG1(DBG_CFG, "binding HA sync socket failed: %s", strerror(errno));
+ DBG1(DBG_CFG, "binding HA socket failed: %s", strerror(errno));
close(this->fd);
this->fd = -1;
return FALSE;
if (connect(this->fd, this->remote->get_sockaddr(this->remote),
*this->remote->get_sockaddr_len(this->remote)) == -1)
{
- DBG1(DBG_CFG, "connecting HA sync socket failed: %s", strerror(errno));
+ DBG1(DBG_CFG, "connecting HA socket failed: %s", strerror(errno));
close(this->fd);
this->fd = -1;
return FALSE;
}
/**
- * Implementation of ha_sync_socket_t.destroy.
+ * Implementation of ha_socket_t.destroy.
*/
-static void destroy(private_ha_sync_socket_t *this)
+static void destroy(private_ha_socket_t *this)
{
if (this->fd != -1)
{
/**
* See header
*/
-ha_sync_socket_t *ha_sync_socket_create(char *local, char *remote)
+ha_socket_t *ha_socket_create(char *local, char *remote)
{
- private_ha_sync_socket_t *this = malloc_thing(private_ha_sync_socket_t);
+ private_ha_socket_t *this = malloc_thing(private_ha_socket_t);
- this->public.push = (void(*)(ha_sync_socket_t*, ha_sync_message_t*))push;
- this->public.pull = (ha_sync_message_t*(*)(ha_sync_socket_t*))pull;
- this->public.destroy = (void(*)(ha_sync_socket_t*))destroy;
+ this->public.push = (void(*)(ha_socket_t*, ha_message_t*))push;
+ this->public.pull = (ha_message_t*(*)(ha_socket_t*))pull;
+ this->public.destroy = (void(*)(ha_socket_t*))destroy;
- this->local = host_create_from_dns(local, 0, HA_SYNC_PORT);
- this->remote = host_create_from_dns(remote, 0, HA_SYNC_PORT);
+ this->local = host_create_from_dns(local, 0, HA_PORT);
+ this->remote = host_create_from_dns(remote, 0, HA_PORT);
this->fd = -1;
if (!this->local || !this->remote)
{
- DBG1(DBG_CFG, "invalid local/remote HA sync address");
+ DBG1(DBG_CFG, "invalid local/remote HA address");
destroy(this);
return NULL;
}
*/
/**
- * @defgroup ha_sync_socket ha_sync_socket
- * @{ @ingroup ha_sync
+ * @defgroup ha_socket ha_socket
+ * @{ @ingroup ha
*/
-#ifndef HA_SYNC_SOCKET_H_
-#define HA_SYNC_SOCKET_H_
+#ifndef HA_SOCKET_H_
+#define HA_SOCKET_H_
-#include "ha_sync_message.h"
+#include "ha_message.h"
#include <sa/ike_sa.h>
-typedef struct ha_sync_socket_t ha_sync_socket_t;
+typedef struct ha_socket_t ha_socket_t;
/**
* Socket to send/received SA synchronization data
*/
-struct ha_sync_socket_t {
+struct ha_socket_t {
/**
* Push synchronization information to the responsible node.
*
* @param message message to send, gets destroyed by push()
*/
- void (*push)(ha_sync_socket_t *this, ha_sync_message_t *message);
+ void (*push)(ha_socket_t *this, ha_message_t *message);
/**
* Pull synchronization information from a peer we are responsible.
*
* @return received message
*/
- ha_sync_message_t *(*pull)(ha_sync_socket_t *this);
+ ha_message_t *(*pull)(ha_socket_t *this);
/**
- * Destroy a ha_sync_socket_t.
+ * Destroy a ha_socket_t.
*/
- void (*destroy)(ha_sync_socket_t *this);
+ void (*destroy)(ha_socket_t *this);
};
/**
- * Create a ha_sync_socket instance.
+ * Create a ha_socket instance.
*/
-ha_sync_socket_t *ha_sync_socket_create(char *local, char *remote);
+ha_socket_t *ha_socket_create(char *local, char *remote);
-#endif /* HA_SYNC_SOCKET_ @}*/
+#endif /* HA_SOCKET_ @}*/
* for more details.
*/
-#include "ha_sync_tunnel.h"
-#include "ha_sync_plugin.h"
+#include "ha_tunnel.h"
+#include "ha_plugin.h"
#include <daemon.h>
#include <utils/identification.h>
#include <processing/jobs/callback_job.h>
-typedef struct private_ha_sync_tunnel_t private_ha_sync_tunnel_t;
+typedef struct private_ha_tunnel_t private_ha_tunnel_t;
typedef struct ha_backend_t ha_backend_t;
typedef struct ha_creds_t ha_creds_t;
/**
- * Serves credentials for the HA sync SA
+ * Serves credentials for the HA SA
*/
struct ha_creds_t {
};
/**
- * Serves configurations for the HA sync SA
+ * Serves configurations for the HA SA
*/
struct ha_backend_t {
};
/**
- * Private data of an ha_sync_tunnel_t object.
+ * Private data of an ha_tunnel_t object.
*/
-struct private_ha_sync_tunnel_t {
+struct private_ha_tunnel_t {
/**
- * Public ha_sync_tunnel_t interface.
+ * Public ha_tunnel_t interface.
*/
- ha_sync_tunnel_t public;
+ ha_tunnel_t public;
/**
* Reqid of installed trap
u_int32_t trap;
/**
- * backend for sync SA
+ * backend for HA SA
*/
ha_backend_t backend;
/**
- * credential set for sync SA
+ * credential set for HA SA
*/
ha_creds_t creds;
};
/**
- * Implementation of ha_sync_tunnel_t.is_sync_sa
+ * Implementation of ha_tunnel_t.is_sa
*/
-static bool is_sync_sa(private_ha_sync_tunnel_t *this, ike_sa_t *ike_sa)
+static bool is_sa(private_ha_tunnel_t *this, ike_sa_t *ike_sa)
{
peer_cfg_t *cfg = this->backend.cfg;
}
/**
- * Install configs and a a trap for secured sync
+ * Install configs and a a trap for secured HA message exchange
*/
-static void setup_sync_tunnel(private_ha_sync_tunnel_t *this,
- char *local, char *remote, char *secret)
+static void setup_tunnel(private_ha_tunnel_t *this,
+ char *local, char *remote, char *secret)
{
peer_cfg_t *peer_cfg;
ike_cfg_t *ike_cfg;
/* create config and backend */
ike_cfg = ike_cfg_create(FALSE, FALSE, local, remote);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
- peer_cfg = peer_cfg_create("ha-sync", 2, ike_cfg, CERT_NEVER_SEND,
+ peer_cfg = peer_cfg_create("ha", 2, ike_cfg, CERT_NEVER_SEND,
UNIQUE_KEEP, 0, 86400, 0, 7200, 3600, FALSE, 30,
NULL, NULL, FALSE, NULL, NULL);
identification_create_from_string(remote));
peer_cfg->add_auth_cfg(peer_cfg, auth_cfg, FALSE);
- child_cfg = child_cfg_create("ha-sync", &lifetime, NULL, TRUE,
+ child_cfg = child_cfg_create("ha", &lifetime, NULL, TRUE,
MODE_TRANSPORT, ACTION_NONE, ACTION_NONE, FALSE);
- ts = traffic_selector_create_dynamic(IPPROTO_UDP, HA_SYNC_PORT, HA_SYNC_PORT);
+ ts = traffic_selector_create_dynamic(IPPROTO_UDP, HA_PORT, HA_PORT);
child_cfg->add_traffic_selector(child_cfg, TRUE, ts);
ts = traffic_selector_create_dynamic(IPPROTO_ICMP, 0, 65535);
child_cfg->add_traffic_selector(child_cfg, TRUE, ts);
- ts = traffic_selector_create_dynamic(IPPROTO_UDP, HA_SYNC_PORT, HA_SYNC_PORT);
+ ts = traffic_selector_create_dynamic(IPPROTO_UDP, HA_PORT, HA_PORT);
child_cfg->add_traffic_selector(child_cfg, FALSE, ts);
ts = traffic_selector_create_dynamic(IPPROTO_ICMP, 0, 65535);
child_cfg->add_traffic_selector(child_cfg, FALSE, ts);
}
/**
- * Implementation of ha_sync_tunnel_t.destroy.
+ * Implementation of ha_tunnel_t.destroy.
*/
-static void destroy(private_ha_sync_tunnel_t *this)
+static void destroy(private_ha_tunnel_t *this)
{
if (this->backend.cfg)
{
/**
* See header
*/
-ha_sync_tunnel_t *ha_sync_tunnel_create(char *local, char *remote, char *secret)
+ha_tunnel_t *ha_tunnel_create(char *local, char *remote, char *secret)
{
- private_ha_sync_tunnel_t *this = malloc_thing(private_ha_sync_tunnel_t);
+ private_ha_tunnel_t *this = malloc_thing(private_ha_tunnel_t);
- this->public.is_sync_sa = (bool(*)(ha_sync_tunnel_t*, ike_sa_t *ike_sa))is_sync_sa;
- this->public.destroy = (void(*)(ha_sync_tunnel_t*))destroy;
+ this->public.is_sa = (bool(*)(ha_tunnel_t*, ike_sa_t *ike_sa))is_sa;
+ this->public.destroy = (void(*)(ha_tunnel_t*))destroy;
- setup_sync_tunnel(this, local, remote, secret);
+ setup_tunnel(this, local, remote, secret);
return &this->public;
}
*/
/**
- * @defgroup ha_sync_ ha_sync_tunnel
- * @{ @ingroup ha_sync
+ * @defgroup ha_ ha_tunnel
+ * @{ @ingroup ha
*/
-#ifndef HA_SYNC_TUNNEL_H_
-#define HA_SYNC_TUNNEL_H_
+#ifndef HA_TUNNEL_H_
+#define HA_TUNNEL_H_
#include <sa/ike_sa.h>
-typedef struct ha_sync_tunnel_t ha_sync_tunnel_t;
+typedef struct ha_tunnel_t ha_tunnel_t;
/**
* Socket to send/received SA synchronization data
*/
-struct ha_sync_tunnel_t {
+struct ha_tunnel_t {
/**
- * Check if an IKE_SA is used for exchanging sync messages.
+ * Check if an IKE_SA is used for exchanging HA messages.
*
* @param ike_Sa ike_sa to check
- * @return TRUE if IKE_SA is used to secure sync messages
+ * @return TRUE if IKE_SA is used to secure HA messages
*/
- bool (*is_sync_sa)(ha_sync_tunnel_t *this, ike_sa_t *ike_sa);
+ bool (*is_sa)(ha_tunnel_t *this, ike_sa_t *ike_sa);
/**
- * Destroy a ha_sync_tunnel_t.
+ * Destroy a ha_tunnel_t.
*/
- void (*destroy)(ha_sync_tunnel_t *this);
+ void (*destroy)(ha_tunnel_t *this);
};
/**
- * Create a ha_sync_tunnel instance.
+ * Create a ha_tunnel instance.
*
- * @param local local address of sync tunnel
- * @param remote remote address of sync tunnel
+ * @param local local address of HA tunnel
+ * @param remote remote address of HA tunnel
* @param secret PSK tunnel authentication secret
- * @return sync tunnel instance
+ * @return HA tunnel instance
*/
-ha_sync_tunnel_t *ha_sync_tunnel_create(char *local, char *remote, char *secret);
+ha_tunnel_t *ha_tunnel_create(char *local, char *remote, char *secret);
-#endif /* HA_SYNC_TUNNEL_H_ @}*/
+#endif /* HA_TUNNEL_H_ @}*/
+++ /dev/null
-
-INCLUDES = -I${linux_headers} -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon
-
-AM_CFLAGS = -rdynamic -DIPSEC_PIDDIR=\"${piddir}\"
-
-plugin_LTLIBRARIES = libstrongswan-ha-sync.la
-libstrongswan_ha_sync_la_SOURCES = \
- ha_sync_plugin.h ha_sync_plugin.c \
- ha_sync_message.h ha_sync_message.c \
- ha_sync_socket.h ha_sync_socket.c \
- ha_sync_tunnel.h ha_sync_tunnel.c \
- ha_sync_dispatcher.h ha_sync_dispatcher.c \
- ha_sync_segments.h ha_sync_segments.c \
- ha_sync_kernel.h ha_sync_kernel.c \
- ha_sync_ctl.h ha_sync_ctl.c \
- ha_sync_ike.h ha_sync_ike.c \
- ha_sync_child.h ha_sync_child.c
-libstrongswan_ha_sync_la_LDFLAGS = -module
-
projects / thirdparty / strongswan.git / commitdiff
