2 *------------------------------------------------------------------
3 * ipsec_api.c - ipsec api
5 * Copyright (c) 2016 Cisco and/or its affiliates.
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at:
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 *------------------------------------------------------------------
20 #include <vnet/vnet.h>
21 #include <vlibmemory/api.h>
22 #include <vnet/api_errno.h>
23 #include <vpp/app/version.h>
25 #include <ikev2/ikev2.h>
26 #include <ikev2/ikev2_priv.h>
28 /* define message IDs */
29 #include <plugins/ikev2/ikev2.api_enum.h>
30 #include <plugins/ikev2/ikev2.api_types.h>
32 extern ikev2_main_t ikev2_main;
34 #define IKEV2_PLUGIN_VERSION_MAJOR 1
35 #define IKEV2_PLUGIN_VERSION_MINOR 0
36 #define REPLY_MSG_ID_BASE ikev2_main.msg_id_base
37 #include <vlibapi/api_helper_macros.h>
/**
 * Handler for the ikev2_plugin_get_version API request.
 *
 * Sends the requesting client the plugin's compile-time major/minor
 * version. The reply is assembled by hand instead of through REPLY_MACRO.
 * When the client index carried in the request does not resolve to a
 * registration, the request is dropped and no reply is sent.
 */
static void
vl_api_ikev2_plugin_get_version_t_handler (vl_api_ikev2_plugin_get_version_t *
                                           mp)
{
  vl_api_ikev2_plugin_get_version_reply_t *rmp;
  vl_api_registration_t *client;

  client = vl_api_client_index_to_registration (mp->client_index);
  if (client == 0)
    return;

  rmp = vl_msg_api_alloc (sizeof (*rmp));
  /* Zero the whole reply so no stale allocator bytes reach the client. */
  clib_memset (rmp, 0, sizeof (*rmp));

  /* ntohs performs the host-to-network swap here (same operation as htons). */
  rmp->_vl_msg_id =
    ntohs (VL_API_IKEV2_PLUGIN_GET_VERSION_REPLY + ikev2_main.msg_id_base);
  rmp->context = mp->context;
  rmp->major = htonl (IKEV2_PLUGIN_VERSION_MAJOR);
  rmp->minor = htonl (IKEV2_PLUGIN_VERSION_MINOR);

  vl_api_send_msg (client, (u8 *) rmp);
}
/**
 * Handler for ikev2_profile_add_del: create or remove an IKEv2 profile.
 *
 * The reply carries rv == 0 on success, VNET_API_ERROR_UNSPECIFIED when
 * ikev2_add_del_profile() returns an error, and
 * VNET_API_ERROR_UNIMPLEMENTED when the plugin is built without libssl.
 */
static void
vl_api_ikev2_profile_add_del_t_handler (vl_api_ikev2_profile_add_del_t * mp)
{
  vl_api_ikev2_profile_add_del_reply_t *rmp;
  int rv = 0;

#if WITH_LIBSSL > 0
  clib_error_t *err;
  u8 *profile_name;

  /* NOTE(review): "%s" stops only at a NUL byte, so this relies on the
     client having terminated mp->name inside the message - confirm against
     the field's declared size. */
  profile_name = format (0, "%s", mp->name);
  err = ikev2_add_del_profile (vlib_get_main (), profile_name, mp->is_add);
  vec_free (profile_name);

  /* NOTE(review): err is only tested, never logged or released here -
     confirm who owns the returned error object. */
  if (err != 0)
    rv = VNET_API_ERROR_UNSPECIFIED;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  REPLY_MACRO (VL_API_IKEV2_PROFILE_ADD_DEL_REPLY);
}
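/**
 * Handler for ikev2_profile_set_auth: set a profile's authentication
 * method and authentication data.
 *
 * mp->data_len is chosen by the API client and drives both the allocation
 * and the copy out of the message, so it is validated before use: a zero
 * or negative length (the field is converted into a signed int) is
 * answered with VNET_API_ERROR_INVALID_VALUE instead of being handed to
 * vec_new()/clib_memcpy().
 *
 * Other reply codes: 0 on success, VNET_API_ERROR_UNSPECIFIED when
 * ikev2_set_profile_auth() returns an error, VNET_API_ERROR_UNIMPLEMENTED
 * when built without libssl.
 */
static void
  vl_api_ikev2_profile_set_auth_t_handler
  (vl_api_ikev2_profile_set_auth_t * mp)
{
  vl_api_ikev2_profile_set_auth_reply_t *rmp;
  int rv = 0;

#if WITH_LIBSSL > 0
  vlib_main_t *vm = vlib_get_main ();
  clib_error_t *error;
  int data_len = ntohl (mp->data_len);

  if (data_len <= 0)
    {
      /* Reject before any allocation or copy is sized from this value. */
      rv = VNET_API_ERROR_INVALID_VALUE;
    }
  else
    {
      /* NOTE(review): only the lower bound is enforced here. data_len is
         still not compared with the number of bytes actually received, so
         an oversized value can read past the end of the message - add that
         check where the message length is available. */
      u8 *tmp = format (0, "%s", mp->name);
      u8 *data = vec_new (u8, data_len);

      clib_memcpy (data, mp->data, data_len);
      error =
        ikev2_set_profile_auth (vm, tmp, mp->auth_method, data, mp->is_hex);
      vec_free (tmp);
      /* NOTE(review): data presumably holds key material for some auth
         methods; the temporary copy is freed without being wiped -
         confirm whether it should be zeroed first. */
      vec_free (data);
      if (error)
        rv = VNET_API_ERROR_UNSPECIFIED;
    }
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  REPLY_MACRO (VL_API_IKEV2_PROFILE_SET_AUTH_REPLY);
}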
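/**
 * Handler for ikev2_profile_set_id: set the local or remote identity of a
 * profile.
 *
 * Two fixes over the previous body:
 *  - rmp is declared with the reply type that matches
 *    VL_API_IKEV2_PROFILE_SET_ID_REPLY (it was declared as the
 *    profile_add_del reply type);
 *  - mp->data_len, which the API client controls and which sizes both the
 *    allocation and the copy, is rejected with VNET_API_ERROR_INVALID_VALUE
 *    when it is zero or negative after conversion to a signed int.
 *
 * Other reply codes: 0 on success, VNET_API_ERROR_UNSPECIFIED when
 * ikev2_set_profile_id() returns an error, VNET_API_ERROR_UNIMPLEMENTED
 * when built without libssl.
 */
static void
vl_api_ikev2_profile_set_id_t_handler (vl_api_ikev2_profile_set_id_t * mp)
{
  vl_api_ikev2_profile_set_id_reply_t *rmp;
  int rv = 0;

#if WITH_LIBSSL > 0
  vlib_main_t *vm = vlib_get_main ();
  clib_error_t *error;
  int data_len = ntohl (mp->data_len);

  if (data_len <= 0)
    {
      /* Reject before any allocation or copy is sized from this value. */
      rv = VNET_API_ERROR_INVALID_VALUE;
    }
  else
    {
      /* NOTE(review): only the lower bound is enforced here. data_len is
         still not compared with the number of bytes actually received, so
         an oversized value can read past the end of the message - add that
         check where the message length is available. */
      u8 *tmp = format (0, "%s", mp->name);
      u8 *data = vec_new (u8, data_len);

      clib_memcpy (data, mp->data, data_len);
      error =
        ikev2_set_profile_id (vm, tmp, mp->id_type, data, mp->is_local);
      vec_free (tmp);
      vec_free (data);
      if (error)
        rv = VNET_API_ERROR_UNSPECIFIED;
    }
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  REPLY_MACRO (VL_API_IKEV2_PROFILE_SET_ID_REPLY);
}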
/**
 * Handler for ikev2_profile_set_ts: set the local or remote traffic
 * selector (protocol, port range, IPv4 address range) of a profile.
 *
 * Ports are converted from network byte order; the addresses and the
 * protocol are passed through as received. The reply carries 0,
 * VNET_API_ERROR_UNSPECIFIED (ikev2_set_profile_ts() returned an error) or
 * VNET_API_ERROR_UNIMPLEMENTED (built without libssl).
 */
static void
vl_api_ikev2_profile_set_ts_t_handler (vl_api_ikev2_profile_set_ts_t * mp)
{
  vl_api_ikev2_profile_set_ts_reply_t *rmp;
  int rv = 0;

#if WITH_LIBSSL > 0
  clib_error_t *err;
  u8 *profile_name = format (0, "%s", mp->name);
  u16 first_port = clib_net_to_host_u16 (mp->start_port);
  u16 last_port = clib_net_to_host_u16 (mp->end_port);

  /* NOTE(review): nothing here checks that the start of a range does not
     exceed its end - presumably left to ikev2_set_profile_ts(); confirm. */
  err = ikev2_set_profile_ts (vlib_get_main (), profile_name, mp->proto,
                              first_port, last_port,
                              (ip4_address_t) mp->start_addr,
                              (ip4_address_t) mp->end_addr, mp->is_local);
  vec_free (profile_name);
  rv = err ? VNET_API_ERROR_UNSPECIFIED : 0;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  REPLY_MACRO (VL_API_IKEV2_PROFILE_SET_TS_REPLY);
}
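/**
 * Handler for ikev2_set_local_key: load the local private key from the
 * file named in the request.
 *
 * Fix: rmp is now declared with the reply type that matches
 * VL_API_IKEV2_SET_LOCAL_KEY_REPLY (it was declared as the profile_set_ts
 * reply type, a copy/paste mismatch).
 *
 * The reply carries 0, VNET_API_ERROR_UNSPECIFIED (ikev2_set_local_key()
 * returned an error) or VNET_API_ERROR_UNIMPLEMENTED (built without libssl).
 */
static void
vl_api_ikev2_set_local_key_t_handler (vl_api_ikev2_set_local_key_t * mp)
{
  vl_api_ikev2_set_local_key_reply_t *rmp;
  int rv = 0;

#if WITH_LIBSSL > 0
  vlib_main_t *vm = vlib_get_main ();
  clib_error_t *error;

  /* NOTE(review): mp->key_file comes straight from the API client and is
     used as a path by this process. It is passed on without a termination
     check or any restriction on where it may point - confirm that access
     to this API is limited to trusted clients. */
  error = ikev2_set_local_key (vm, mp->key_file);
  if (error)
    rv = VNET_API_ERROR_UNSPECIFIED;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  REPLY_MACRO (VL_API_IKEV2_SET_LOCAL_KEY_REPLY);
}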
/**
 * Handler for ikev2_set_responder: record the responder's interface and
 * IPv4 address for a profile.
 *
 * The reply carries 0, VNET_API_ERROR_UNSPECIFIED
 * (ikev2_set_profile_responder() returned an error) or
 * VNET_API_ERROR_UNIMPLEMENTED (built without libssl).
 */
static void
vl_api_ikev2_set_responder_t_handler (vl_api_ikev2_set_responder_t * mp)
{
  vl_api_ikev2_set_responder_reply_t *rmp;
  int rv = 0;

#if WITH_LIBSSL > 0
  clib_error_t *err;
  ip4_address_t responder_addr;
  u8 *profile_name = format (0, "%s", mp->name);

  /* Copy exactly one IPv4 address out of the message. */
  clib_memcpy (&responder_addr, mp->address, sizeof (responder_addr));

  /* NOTE(review): sw_if_index is converted but not range-checked in this
     handler - presumably validated by the callee; confirm. */
  err = ikev2_set_profile_responder (vlib_get_main (), profile_name,
                                     ntohl (mp->sw_if_index),
                                     responder_addr);
  vec_free (profile_name);
  if (err != 0)
    rv = VNET_API_ERROR_UNSPECIFIED;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  REPLY_MACRO (VL_API_IKEV2_SET_RESPONDER_REPLY);
}
/**
 * Handler for ikev2_set_ike_transforms: select the encryption algorithm,
 * integrity algorithm, DH group and key size proposed for the IKE SA of a
 * profile.
 *
 * All four numeric fields are converted from network byte order and passed
 * on unchanged. The reply carries 0, VNET_API_ERROR_UNSPECIFIED or
 * VNET_API_ERROR_UNIMPLEMENTED (built without libssl).
 */
static void
vl_api_ikev2_set_ike_transforms_t_handler (vl_api_ikev2_set_ike_transforms_t *
                                           mp)
{
  vl_api_ikev2_set_ike_transforms_reply_t *rmp;
  int rv = 0;

#if WITH_LIBSSL > 0
  clib_error_t *err;
  u8 *profile_name = format (0, "%s", mp->name);

  /* NOTE(review): the algorithm identifiers and key size are whatever the
     client sent; this handler applies no allow-list - confirm the callee
     rejects unknown or weak values. */
  err = ikev2_set_profile_ike_transforms (vlib_get_main (), profile_name,
                                          ntohl (mp->crypto_alg),
                                          ntohl (mp->integ_alg),
                                          ntohl (mp->dh_group),
                                          ntohl (mp->crypto_key_size));
  vec_free (profile_name);
  rv = err ? VNET_API_ERROR_UNSPECIFIED : 0;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  REPLY_MACRO (VL_API_IKEV2_SET_IKE_TRANSFORMS_REPLY);
}
/**
 * Handler for ikev2_set_esp_transforms: select the encryption algorithm,
 * integrity algorithm, DH group and key size proposed for the child (ESP)
 * SA of a profile.
 *
 * All four numeric fields are converted from network byte order and passed
 * on unchanged. The reply carries 0, VNET_API_ERROR_UNSPECIFIED or
 * VNET_API_ERROR_UNIMPLEMENTED (built without libssl).
 */
static void
vl_api_ikev2_set_esp_transforms_t_handler (vl_api_ikev2_set_esp_transforms_t *
                                           mp)
{
  vl_api_ikev2_set_esp_transforms_reply_t *rmp;
  int rv = 0;

#if WITH_LIBSSL > 0
  clib_error_t *err;
  u8 *profile_name = format (0, "%s", mp->name);

  /* NOTE(review): the algorithm identifiers and key size are whatever the
     client sent; this handler applies no allow-list - confirm the callee
     rejects unknown or weak values. */
  err = ikev2_set_profile_esp_transforms (vlib_get_main (), profile_name,
                                          ntohl (mp->crypto_alg),
                                          ntohl (mp->integ_alg),
                                          ntohl (mp->dh_group),
                                          ntohl (mp->crypto_key_size));
  vec_free (profile_name);
  if (err != 0)
    rv = VNET_API_ERROR_UNSPECIFIED;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  REPLY_MACRO (VL_API_IKEV2_SET_ESP_TRANSFORMS_REPLY);
}
/**
 * Handler for ikev2_set_sa_lifetime: set the SA lifetime, lifetime jitter,
 * handover interval and maximum-data limit of a profile.
 *
 * The 64-bit and 32-bit fields are converted from network byte order
 * before being handed to ikev2_set_profile_sa_lifetime(). The reply
 * carries 0, VNET_API_ERROR_UNSPECIFIED or VNET_API_ERROR_UNIMPLEMENTED
 * (built without libssl).
 */
static void
vl_api_ikev2_set_sa_lifetime_t_handler (vl_api_ikev2_set_sa_lifetime_t * mp)
{
  vl_api_ikev2_set_sa_lifetime_reply_t *rmp;
  int rv = 0;

#if WITH_LIBSSL > 0
  clib_error_t *err;
  u8 *profile_name = format (0, "%s", mp->name);
  u64 lifetime = clib_net_to_host_u64 (mp->lifetime);
  u64 max_data = clib_net_to_host_u64 (mp->lifetime_maxdata);

  /* NOTE(review): no bounds are applied to the lifetime values in this
     handler - confirm whether the callee enforces sane limits. */
  err = ikev2_set_profile_sa_lifetime (vlib_get_main (), profile_name,
                                       lifetime,
                                       ntohl (mp->lifetime_jitter),
                                       ntohl (mp->handover), max_data);
  vec_free (profile_name);
  rv = err ? VNET_API_ERROR_UNSPECIFIED : 0;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  REPLY_MACRO (VL_API_IKEV2_SET_SA_LIFETIME_REPLY);
}
/**
 * Handler for ikev2_initiate_sa_init: start an IKE_SA_INIT exchange for
 * the named profile.
 *
 * The reply carries 0, VNET_API_ERROR_UNSPECIFIED
 * (ikev2_initiate_sa_init() returned an error) or
 * VNET_API_ERROR_UNIMPLEMENTED (built without libssl).
 */
static void
vl_api_ikev2_initiate_sa_init_t_handler (vl_api_ikev2_initiate_sa_init_t * mp)
{
  vl_api_ikev2_initiate_sa_init_reply_t *rmp;
  int rv = 0;

#if WITH_LIBSSL > 0
  clib_error_t *err;
  u8 *profile_name;

  /* NOTE(review): "%s" stops only at a NUL byte, so this relies on the
     client having terminated mp->name inside the message - confirm. */
  profile_name = format (0, "%s", mp->name);
  err = ikev2_initiate_sa_init (vlib_get_main (), profile_name);
  vec_free (profile_name);

  if (err != 0)
    rv = VNET_API_ERROR_UNSPECIFIED;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  REPLY_MACRO (VL_API_IKEV2_INITIATE_SA_INIT_REPLY);
}
/**
 * Handler for ikev2_initiate_del_ike_sa: request deletion of the IKE SA
 * identified by the initiator SPI in the request.
 *
 * The reply carries 0, VNET_API_ERROR_UNSPECIFIED
 * (ikev2_initiate_delete_ike_sa() returned an error) or
 * VNET_API_ERROR_UNIMPLEMENTED (built without libssl).
 */
static void
vl_api_ikev2_initiate_del_ike_sa_t_handler (vl_api_ikev2_initiate_del_ike_sa_t
                                            * mp)
{
  vl_api_ikev2_initiate_del_ike_sa_reply_t *rmp;
  int rv = 0;

#if WITH_LIBSSL > 0
  clib_error_t *err;

  /* NOTE(review): mp->ispi is forwarded without a byte-order conversion,
     unlike the integer fields in the other handlers of this file - confirm
     the encoding clients are expected to use. */
  err = ikev2_initiate_delete_ike_sa (vlib_get_main (), mp->ispi);
  rv = err ? VNET_API_ERROR_UNSPECIFIED : 0;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  REPLY_MACRO (VL_API_IKEV2_INITIATE_DEL_IKE_SA_REPLY);
}
/**
 * Handler for ikev2_initiate_del_child_sa: request deletion of the child
 * SA identified by the SPI in the request.
 *
 * The reply carries 0, VNET_API_ERROR_UNSPECIFIED
 * (ikev2_initiate_delete_child_sa() returned an error) or
 * VNET_API_ERROR_UNIMPLEMENTED (built without libssl).
 */
static void
  vl_api_ikev2_initiate_del_child_sa_t_handler
  (vl_api_ikev2_initiate_del_child_sa_t * mp)
{
  vl_api_ikev2_initiate_del_child_sa_reply_t *rmp;
  int rv = 0;

#if WITH_LIBSSL > 0
  clib_error_t *err;

  /* NOTE(review): mp->ispi is forwarded without a byte-order conversion,
     unlike the integer fields in the other handlers of this file - confirm
     the encoding clients are expected to use. */
  err = ikev2_initiate_delete_child_sa (vlib_get_main (), mp->ispi);
  if (err != 0)
    rv = VNET_API_ERROR_UNSPECIFIED;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  REPLY_MACRO (VL_API_IKEV2_INITIATE_DEL_CHILD_SA_REPLY);
}
/**
 * Handler for ikev2_initiate_rekey_child_sa: request a rekey of the child
 * SA identified by the SPI in the request.
 *
 * The reply carries 0, VNET_API_ERROR_UNSPECIFIED
 * (ikev2_initiate_rekey_child_sa() returned an error) or
 * VNET_API_ERROR_UNIMPLEMENTED (built without libssl).
 */
static void
  vl_api_ikev2_initiate_rekey_child_sa_t_handler
  (vl_api_ikev2_initiate_rekey_child_sa_t * mp)
{
  vl_api_ikev2_initiate_rekey_child_sa_reply_t *rmp;
  int rv = 0;

#if WITH_LIBSSL > 0
  clib_error_t *err;

  /* NOTE(review): mp->ispi is forwarded without a byte-order conversion,
     unlike the integer fields in the other handlers of this file - confirm
     the encoding clients are expected to use. */
  err = ikev2_initiate_rekey_child_sa (vlib_get_main (), mp->ispi);
  rv = err ? VNET_API_ERROR_UNSPECIFIED : 0;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  REPLY_MACRO (VL_API_IKEV2_INITIATE_REKEY_CHILD_SA_REPLY);
}
377 #include <ikev2/ikev2.api.c>
/**
 * Plugin API initialisation, registered with VLIB_INIT_FUNCTION.
 *
 * Stores the message-ID base returned by setup_message_id_table() in
 * ikev2_main; the handlers in this file add that base to their reply IDs.
 * The vm argument is not used. Always returns 0 (no error).
 */
static clib_error_t *
ikev2_api_init (vlib_main_t * vm)
{
  /* Ask for a correctly-sized block of API message decode slots */
  ikev2_main.msg_id_base = setup_message_id_table ();

  return 0;
}

VLIB_INIT_FUNCTION (ikev2_api_init);
392 * fd.io coding-style-patch-verification: ON
395 * eval: (c-set-style "gnu")