/*
 *------------------------------------------------------------------
 * ipsec_api.c - ipsec api
 *
 * Copyright (c) 2016 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *------------------------------------------------------------------
 */
#include <vnet/vnet.h>
#include <vlibmemory/api.h>
#include <vnet/api_errno.h>
#include <vpp/app/version.h>

#include <ikev2/ikev2.h>
#include <ikev2/ikev2_priv.h>

/* define message IDs */
#include <vnet/format_fns.h>
#include <plugins/ikev2/ikev2.api_enum.h>
#include <plugins/ikev2/ikev2.api_types.h>

/* Plugin-wide state; only declared here, the definition lives elsewhere. */
extern ikev2_main_t ikev2_main;

/* Version numbers returned by the plugin_get_version handler. */
#define IKEV2_PLUGIN_VERSION_MAJOR 1
#define IKEV2_PLUGIN_VERSION_MINOR 0

/*
 * Defined immediately before api_helper_macros.h is pulled in.
 * NOTE(review): presumably REPLY_MACRO, used by the handlers in this file,
 * adds this base to the reply message id, which is why the define has to
 * precede the include - confirm in api_helper_macros.h.
 */
#define REPLY_MSG_ID_BASE ikev2_main.msg_id_base
#include <vlibapi/api_helper_macros.h>
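/*
 * Answer an ikev2_plugin_get_version request with the compiled-in
 * IKEV2_PLUGIN_VERSION_MAJOR / IKEV2_PLUGIN_VERSION_MINOR values.
 *
 * The reply is assembled by hand instead of through REPLY_MACRO. When the
 * client index carried in the request does not resolve to a registration,
 * nothing is sent.
 *
 * NOTE(review): recovered from a listing that elides lines (the
 * `static void` line, braces, the registration check and the
 * `rmp->_vl_msg_id =` left-hand side); they are restored here - confirm
 * against the tree.
 */
static void
vl_api_ikev2_plugin_get_version_t_handler (vl_api_ikev2_plugin_get_version_t *
                                           mp)
{
  ikev2_main_t *im = &ikev2_main;
  vl_api_ikev2_plugin_get_version_reply_t *rmp;
  int msg_size = sizeof (*rmp);
  vl_api_registration_t *reg;

  reg = vl_api_client_index_to_registration (mp->client_index);
  if (!reg)
    return;

  rmp = vl_msg_api_alloc (msg_size);
  /* Zero the whole reply so no stale allocator bytes reach the client. */
  clib_memset (rmp, 0, msg_size);

  /*
   * The id travels in network byte order, so the conversion is
   * host-to-network. The previous ntohs produced the same bytes but named
   * the wrong direction.
   */
  rmp->_vl_msg_id =
    htons (VL_API_IKEV2_PLUGIN_GET_VERSION_REPLY + im->msg_id_base);
  /* context is echoed back untouched so the client can match the reply. */
  rmp->context = mp->context;
  rmp->major = htonl (IKEV2_PLUGIN_VERSION_MAJOR);
  rmp->minor = htonl (IKEV2_PLUGIN_VERSION_MINOR);

  vl_api_send_msg (reg, (u8 *) rmp);
}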
/*
 * Create or remove an IKEv2 profile, as selected by mp->is_add.
 *
 * Replies with VNET_API_ERROR_UNSPECIFIED when ikev2_add_del_profile
 * reports an error, and with VNET_API_ERROR_UNIMPLEMENTED when the plugin
 * is built without the crypto backend.
 *
 * NOTE(review): mp->name is read with "%s", i.e. up to the first NUL; the
 * field's declaration is not visible here - confirm the API layer
 * guarantees termination inside the message.
 * NOTE(review): the clib_error_t returned by the callee is only tested,
 * never released or logged, on the lines available - confirm.
 * NOTE(review): recovered from a listing that elides lines; the
 * WITH_LIBSSL guard, local declarations and the vec_free call are restored
 * here - confirm against the tree.
 */
static void
vl_api_ikev2_profile_add_del_t_handler (vl_api_ikev2_profile_add_del_t * mp)
{
  vl_api_ikev2_profile_add_del_reply_t *rmp;
  int rv;

#if WITH_LIBSSL > 0
  /* Private vector copy of the name; released right after the call. */
  u8 *profile_name = format (0, "%s", mp->name);
  clib_error_t *err =
    ikev2_add_del_profile (vlib_get_main (), profile_name, mp->is_add);

  vec_free (profile_name);
  rv = err ? VNET_API_ERROR_UNSPECIFIED : 0;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  /* REPLY_MACRO picks up rv, rmp and mp from this scope. */
  REPLY_MACRO (VL_API_IKEV2_PROFILE_ADD_DEL_REPLY);
}
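/*
 * Set the authentication method and authentication data of a profile.
 *
 * mp->data_len is supplied by the API client and is used both as an
 * allocation size and as a memcpy length. It is now rejected with
 * VNET_API_ERROR_INVALID_VALUE when it is zero or negative after
 * conversion; previously such a value went straight into vec_new and
 * clib_memcpy.
 *
 * NOTE(review): no upper bound is enforced, because the size of the
 * received message is not available on the lines shown. A data_len larger
 * than the bytes that actually follow mp->data would still read past the
 * message - add that bound where the message length is known.
 * NOTE(review): mp->name is read with "%s", i.e. up to the first NUL;
 * confirm the API layer guarantees termination inside the message.
 * NOTE(review): the clib_error_t returned by the callee is only tested,
 * never released or logged, on the lines available - confirm.
 * NOTE(review): recovered from a listing that elides lines; the
 * WITH_LIBSSL guard, local declarations and the vec_free calls are
 * restored here - confirm against the tree.
 */
static void
  vl_api_ikev2_profile_set_auth_t_handler
  (vl_api_ikev2_profile_set_auth_t * mp)
{
  vl_api_ikev2_profile_set_auth_reply_t *rmp;
  int rv = 0;

#if WITH_LIBSSL > 0
  vlib_main_t *vm = vlib_get_main ();
  int data_len = ntohl (mp->data_len);

  if (data_len > 0)
    {
      clib_error_t *error;
      u8 *tmp = format (0, "%s", mp->name);
      /* Copy the secret out of the message into a private vector. */
      u8 *data = vec_new (u8, data_len);

      clib_memcpy (data, mp->data, data_len);
      error =
        ikev2_set_profile_auth (vm, tmp, mp->auth_method, data, mp->is_hex);
      vec_free (tmp);
      vec_free (data);
      if (error)
        rv = VNET_API_ERROR_UNSPECIFIED;
    }
  else
    {
      /* Length is client-controlled: refuse it before it sizes a copy. */
      rv = VNET_API_ERROR_INVALID_VALUE;
    }
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  /* REPLY_MACRO picks up rv, rmp and mp from this scope. */
  REPLY_MACRO (VL_API_IKEV2_PROFILE_SET_AUTH_REPLY);
}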
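/*
 * Set the local or remote identity (mp->is_local) of a profile.
 *
 * Two changes against the previous version:
 *  - rmp was declared as the profile_add_del reply type although the
 *    handler sends VL_API_IKEV2_PROFILE_SET_ID_REPLY; it now uses the
 *    matching reply type, so the size REPLY_MACRO derives from *rmp
 *    belongs to the message actually sent.
 *  - mp->data_len is supplied by the API client and is used both as an
 *    allocation size and as a memcpy length. It is now rejected with
 *    VNET_API_ERROR_INVALID_VALUE when it is zero or negative after
 *    conversion.
 *
 * NOTE(review): no upper bound is enforced, because the size of the
 * received message is not available on the lines shown. A data_len larger
 * than the bytes that actually follow mp->data would still read past the
 * message - add that bound where the message length is known.
 * NOTE(review): mp->name is read with "%s", i.e. up to the first NUL;
 * confirm the API layer guarantees termination inside the message.
 * NOTE(review): the clib_error_t returned by the callee is only tested,
 * never released or logged, on the lines available - confirm.
 * NOTE(review): recovered from a listing that elides lines; the
 * WITH_LIBSSL guard, local declarations and the vec_free calls are
 * restored here - confirm against the tree.
 */
static void
vl_api_ikev2_profile_set_id_t_handler (vl_api_ikev2_profile_set_id_t * mp)
{
  vl_api_ikev2_profile_set_id_reply_t *rmp;
  int rv = 0;

#if WITH_LIBSSL > 0
  vlib_main_t *vm = vlib_get_main ();
  int data_len = ntohl (mp->data_len);

  if (data_len > 0)
    {
      clib_error_t *error;
      u8 *tmp = format (0, "%s", mp->name);
      /* Copy the identity out of the message into a private vector. */
      u8 *data = vec_new (u8, data_len);

      clib_memcpy (data, mp->data, data_len);
      error =
        ikev2_set_profile_id (vm, tmp, mp->id_type, data, mp->is_local);
      vec_free (tmp);
      vec_free (data);
      if (error)
        rv = VNET_API_ERROR_UNSPECIFIED;
    }
  else
    {
      /* Length is client-controlled: refuse it before it sizes a copy. */
      rv = VNET_API_ERROR_INVALID_VALUE;
    }
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  /* REPLY_MACRO picks up rv, rmp and mp from this scope. */
  REPLY_MACRO (VL_API_IKEV2_PROFILE_SET_ID_REPLY);
}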
/*
 * Set the local or remote traffic selector (mp->is_local) of a profile:
 * protocol, port range and IPv4 address range.
 *
 * Ports are converted from network to host order; the two addresses are
 * cast to ip4_address_t and forwarded as received.
 *
 * NOTE(review): no check that start_port <= end_port or that the address
 * range is ordered is made here - confirm the callee validates the range.
 * NOTE(review): mp->name is read with "%s", i.e. up to the first NUL;
 * confirm the API layer guarantees termination inside the message.
 * NOTE(review): the clib_error_t returned by the callee is only tested,
 * never released or logged, on the lines available - confirm.
 * NOTE(review): recovered from a listing that elides lines; the
 * WITH_LIBSSL guard, local declarations and the vec_free call are restored
 * here - confirm against the tree.
 */
static void
vl_api_ikev2_profile_set_ts_t_handler (vl_api_ikev2_profile_set_ts_t * mp)
{
  vl_api_ikev2_profile_set_ts_reply_t *rmp;
  int rv;

#if WITH_LIBSSL > 0
  u8 *profile_name = format (0, "%s", mp->name);
  u16 first_port = clib_net_to_host_u16 (mp->start_port);
  u16 last_port = clib_net_to_host_u16 (mp->end_port);
  clib_error_t *err;

  err = ikev2_set_profile_ts (vlib_get_main (), profile_name, mp->proto,
                              first_port, last_port,
                              (ip4_address_t) mp->start_addr,
                              (ip4_address_t) mp->end_addr, mp->is_local);
  vec_free (profile_name);
  rv = err ? VNET_API_ERROR_UNSPECIFIED : 0;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  /* REPLY_MACRO picks up rv, rmp and mp from this scope. */
  REPLY_MACRO (VL_API_IKEV2_PROFILE_SET_TS_REPLY);
}
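/*
 * Load the local private key from the file named in mp->key_file.
 *
 * rmp was declared as the profile_set_ts reply type although the handler
 * sends VL_API_IKEV2_SET_LOCAL_KEY_REPLY; it now uses the matching reply
 * type, so the size REPLY_MACRO derives from *rmp belongs to the message
 * actually sent.
 *
 * NOTE(review): mp->key_file is handed to ikev2_set_local_key exactly as
 * received. The path is chosen by the API client and is opened with the
 * privileges of this process; confirm that the field is NUL-terminated
 * inside the message and that access to this API is limited to trusted
 * clients.
 * NOTE(review): the clib_error_t returned by the callee is only tested,
 * never released or logged, on the lines available - confirm.
 * NOTE(review): recovered from a listing that elides lines; the
 * WITH_LIBSSL guard and local declarations are restored here - confirm
 * against the tree.
 */
static void
vl_api_ikev2_set_local_key_t_handler (vl_api_ikev2_set_local_key_t * mp)
{
  vl_api_ikev2_set_local_key_reply_t *rmp;
  int rv = 0;

#if WITH_LIBSSL > 0
  vlib_main_t *vm = vlib_get_main ();
  clib_error_t *error;

  error = ikev2_set_local_key (vm, mp->key_file);
  if (error)
    rv = VNET_API_ERROR_UNSPECIFIED;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  /* REPLY_MACRO picks up rv, rmp and mp from this scope. */
  REPLY_MACRO (VL_API_IKEV2_SET_LOCAL_KEY_REPLY);
}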
/*
 * Set the responder (outgoing interface and IPv4 address) of a profile.
 *
 * The address is copied byte-for-byte out of the message, sizeof
 * (ip4_address_t) bytes; sw_if_index is converted to host order.
 *
 * NOTE(review): unlike the set_tunnel_interface handler in this file,
 * sw_if_index is not checked with VALIDATE_SW_IF_INDEX before use -
 * confirm the callee rejects unknown interfaces.
 * NOTE(review): mp->name is read with "%s", i.e. up to the first NUL;
 * confirm the API layer guarantees termination inside the message.
 * NOTE(review): the clib_error_t returned by the callee is only tested,
 * never released or logged, on the lines available - confirm.
 * NOTE(review): recovered from a listing that elides lines; the
 * WITH_LIBSSL guard, local declarations and the vec_free call are restored
 * here - confirm against the tree.
 */
static void
vl_api_ikev2_set_responder_t_handler (vl_api_ikev2_set_responder_t * mp)
{
  vl_api_ikev2_set_responder_reply_t *rmp;
  int rv;

#if WITH_LIBSSL > 0
  ip4_address_t responder_addr;
  clib_error_t *err;
  u8 *profile_name = format (0, "%s", mp->name);

  clib_memcpy (&responder_addr, mp->address, sizeof (responder_addr));

  err = ikev2_set_profile_responder (vlib_get_main (), profile_name,
                                     ntohl (mp->sw_if_index),
                                     responder_addr);
  vec_free (profile_name);
  rv = err ? VNET_API_ERROR_UNSPECIFIED : 0;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  /* REPLY_MACRO picks up rv, rmp and mp from this scope. */
  REPLY_MACRO (VL_API_IKEV2_SET_RESPONDER_REPLY);
}
/*
 * Set the IKE (phase 1) transforms of a profile: encryption algorithm,
 * integrity algorithm, DH group and encryption key size.
 *
 * All four values are converted to host order and forwarded as received.
 *
 * NOTE(review): the algorithm identifiers and key size are not range
 * checked here, so which combinations are accepted is decided entirely by
 * the callee - confirm it refuses unknown or weak selections.
 * NOTE(review): mp->name is read with "%s", i.e. up to the first NUL;
 * confirm the API layer guarantees termination inside the message.
 * NOTE(review): the clib_error_t returned by the callee is only tested,
 * never released or logged, on the lines available - confirm.
 * NOTE(review): recovered from a listing that elides lines; the
 * WITH_LIBSSL guard, local declarations and the vec_free call are restored
 * here - confirm against the tree.
 */
static void
vl_api_ikev2_set_ike_transforms_t_handler (vl_api_ikev2_set_ike_transforms_t *
                                           mp)
{
  vl_api_ikev2_set_ike_transforms_reply_t *rmp;
  int rv;

#if WITH_LIBSSL > 0
  u8 *profile_name = format (0, "%s", mp->name);
  clib_error_t *err;

  err = ikev2_set_profile_ike_transforms (vlib_get_main (), profile_name,
                                          ntohl (mp->crypto_alg),
                                          ntohl (mp->integ_alg),
                                          ntohl (mp->dh_group),
                                          ntohl (mp->crypto_key_size));
  vec_free (profile_name);
  rv = err ? VNET_API_ERROR_UNSPECIFIED : 0;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  /* REPLY_MACRO picks up rv, rmp and mp from this scope. */
  REPLY_MACRO (VL_API_IKEV2_SET_IKE_TRANSFORMS_REPLY);
}
/*
 * Set the ESP (child SA) transforms of a profile: encryption algorithm,
 * integrity algorithm, DH group and encryption key size.
 *
 * All four values are converted to host order and forwarded as received.
 *
 * NOTE(review): the algorithm identifiers and key size are not range
 * checked here, so which combinations are accepted is decided entirely by
 * the callee - confirm it refuses unknown or weak selections.
 * NOTE(review): mp->name is read with "%s", i.e. up to the first NUL;
 * confirm the API layer guarantees termination inside the message.
 * NOTE(review): the clib_error_t returned by the callee is only tested,
 * never released or logged, on the lines available - confirm.
 * NOTE(review): recovered from a listing that elides lines; the
 * WITH_LIBSSL guard, local declarations and the vec_free call are restored
 * here - confirm against the tree.
 */
static void
vl_api_ikev2_set_esp_transforms_t_handler (vl_api_ikev2_set_esp_transforms_t *
                                           mp)
{
  vl_api_ikev2_set_esp_transforms_reply_t *rmp;
  int rv;

#if WITH_LIBSSL > 0
  u8 *profile_name = format (0, "%s", mp->name);
  clib_error_t *err;

  err = ikev2_set_profile_esp_transforms (vlib_get_main (), profile_name,
                                          ntohl (mp->crypto_alg),
                                          ntohl (mp->integ_alg),
                                          ntohl (mp->dh_group),
                                          ntohl (mp->crypto_key_size));
  vec_free (profile_name);
  rv = err ? VNET_API_ERROR_UNSPECIFIED : 0;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  /* REPLY_MACRO picks up rv, rmp and mp from this scope. */
  REPLY_MACRO (VL_API_IKEV2_SET_ESP_TRANSFORMS_REPLY);
}
/*
 * Set the SA lifetime parameters of a profile: lifetime, lifetime jitter,
 * handover and the maximum amount of data.
 *
 * lifetime and lifetime_maxdata are converted as 64-bit values, jitter and
 * handover as 32-bit values; all are forwarded as received.
 *
 * NOTE(review): no bounds are applied here (for example jitter or handover
 * exceeding the lifetime) - confirm the callee handles such values.
 * NOTE(review): mp->name is read with "%s", i.e. up to the first NUL;
 * confirm the API layer guarantees termination inside the message.
 * NOTE(review): the clib_error_t returned by the callee is only tested,
 * never released or logged, on the lines available - confirm.
 * NOTE(review): recovered from a listing that elides lines; the
 * WITH_LIBSSL guard, local declarations, the second clib_net_to_host_u64
 * call name and the vec_free call are restored here - confirm against the
 * tree.
 */
static void
vl_api_ikev2_set_sa_lifetime_t_handler (vl_api_ikev2_set_sa_lifetime_t * mp)
{
  vl_api_ikev2_set_sa_lifetime_reply_t *rmp;
  int rv;

#if WITH_LIBSSL > 0
  u8 *profile_name = format (0, "%s", mp->name);
  u64 sa_lifetime = clib_net_to_host_u64 (mp->lifetime);
  u32 jitter = ntohl (mp->lifetime_jitter);
  u32 handover = ntohl (mp->handover);
  u64 max_data = clib_net_to_host_u64 (mp->lifetime_maxdata);
  clib_error_t *err;

  err = ikev2_set_profile_sa_lifetime (vlib_get_main (), profile_name,
                                       sa_lifetime, jitter, handover,
                                       max_data);
  vec_free (profile_name);
  rv = err ? VNET_API_ERROR_UNSPECIFIED : 0;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  /* REPLY_MACRO picks up rv, rmp and mp from this scope. */
  REPLY_MACRO (VL_API_IKEV2_SET_SA_LIFETIME_REPLY);
}
/*
 * Bind a profile to a tunnel interface.
 *
 * VALIDATE_SW_IF_INDEX runs before anything else; together with
 * BAD_SW_IF_INDEX_LABEL it lets a rejected index skip straight to the
 * reply. rv is therefore initialised before the macro and only
 * overwritten on failure.
 *
 * NOTE(review): mp->name is read with "%s", i.e. up to the first NUL;
 * confirm the API layer guarantees termination inside the message.
 * NOTE(review): the clib_error_t returned by the callee is only tested,
 * never released or logged, on the lines available - confirm.
 * NOTE(review): recovered from a listing that elides lines; the
 * WITH_LIBSSL guard, local declarations and the vec_free call are restored
 * here - confirm against the tree.
 */
static void
  vl_api_ikev2_set_tunnel_interface_t_handler
  (vl_api_ikev2_set_tunnel_interface_t * mp)
{
  vl_api_ikev2_set_tunnel_interface_reply_t *rmp;
  int rv = 0;

  VALIDATE_SW_IF_INDEX (mp);

#if WITH_LIBSSL > 0
  u8 *profile_name = format (0, "%s", mp->name);
  u32 tunnel_sw_if_index = ntohl (mp->sw_if_index);
  clib_error_t *err;

  err = ikev2_set_profile_tunnel_interface (vlib_get_main (), profile_name,
                                            tunnel_sw_if_index);
  vec_free (profile_name);
  if (err)
    rv = VNET_API_ERROR_UNSPECIFIED;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  BAD_SW_IF_INDEX_LABEL;
  /* REPLY_MACRO picks up rv, rmp and mp from this scope. */
  REPLY_MACRO (VL_API_IKEV2_SET_TUNNEL_INTERFACE_REPLY);
}
/*
 * Start an IKE_SA_INIT exchange for the named profile.
 *
 * NOTE(review): this request makes the process originate IKE traffic on
 * behalf of the API client; confirm access to the API is limited to
 * trusted clients.
 * NOTE(review): mp->name is read with "%s", i.e. up to the first NUL;
 * confirm the API layer guarantees termination inside the message.
 * NOTE(review): the clib_error_t returned by the callee is only tested,
 * never released or logged, on the lines available - confirm.
 * NOTE(review): recovered from a listing that elides lines; the
 * WITH_LIBSSL guard, local declarations and the vec_free call are restored
 * here - confirm against the tree.
 */
static void
vl_api_ikev2_initiate_sa_init_t_handler (vl_api_ikev2_initiate_sa_init_t * mp)
{
  vl_api_ikev2_initiate_sa_init_reply_t *rmp;
  int rv;

#if WITH_LIBSSL > 0
  u8 *profile_name = format (0, "%s", mp->name);
  clib_error_t *err = ikev2_initiate_sa_init (vlib_get_main (), profile_name);

  vec_free (profile_name);
  rv = err ? VNET_API_ERROR_UNSPECIFIED : 0;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  /* REPLY_MACRO picks up rv, rmp and mp from this scope. */
  REPLY_MACRO (VL_API_IKEV2_INITIATE_SA_INIT_REPLY);
}
/*
 * Ask the IKEv2 core to delete the IKE SA identified by mp->ispi.
 *
 * NOTE(review): mp->ispi is forwarded without a byte-order conversion,
 * whereas the multi-byte fields in the other handlers of this file are
 * converted - confirm that is intended for this field.
 * NOTE(review): the clib_error_t returned by the callee is only tested,
 * never released or logged, on the lines available - confirm.
 * NOTE(review): recovered from a listing that elides lines; the
 * WITH_LIBSSL guard and local declarations are restored here - confirm
 * against the tree.
 */
static void
vl_api_ikev2_initiate_del_ike_sa_t_handler (vl_api_ikev2_initiate_del_ike_sa_t
                                            * mp)
{
  vl_api_ikev2_initiate_del_ike_sa_reply_t *rmp;
  int rv;

#if WITH_LIBSSL > 0
  clib_error_t *err = ikev2_initiate_delete_ike_sa (vlib_get_main (),
                                                    mp->ispi);

  rv = err ? VNET_API_ERROR_UNSPECIFIED : 0;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  /* REPLY_MACRO picks up rv, rmp and mp from this scope. */
  REPLY_MACRO (VL_API_IKEV2_INITIATE_DEL_IKE_SA_REPLY);
}
/*
 * Ask the IKEv2 core to delete the child SA identified by mp->ispi.
 *
 * NOTE(review): mp->ispi is forwarded without a byte-order conversion,
 * whereas the multi-byte fields in the other handlers of this file are
 * converted - confirm that is intended for this field.
 * NOTE(review): the clib_error_t returned by the callee is only tested,
 * never released or logged, on the lines available - confirm.
 * NOTE(review): recovered from a listing that elides lines; the
 * WITH_LIBSSL guard and local declarations are restored here - confirm
 * against the tree.
 */
static void
  vl_api_ikev2_initiate_del_child_sa_t_handler
  (vl_api_ikev2_initiate_del_child_sa_t * mp)
{
  vl_api_ikev2_initiate_del_child_sa_reply_t *rmp;
  int rv;

#if WITH_LIBSSL > 0
  clib_error_t *err = ikev2_initiate_delete_child_sa (vlib_get_main (),
                                                      mp->ispi);

  rv = err ? VNET_API_ERROR_UNSPECIFIED : 0;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  /* REPLY_MACRO picks up rv, rmp and mp from this scope. */
  REPLY_MACRO (VL_API_IKEV2_INITIATE_DEL_CHILD_SA_REPLY);
}
/*
 * Ask the IKEv2 core to rekey the child SA identified by mp->ispi.
 *
 * NOTE(review): mp->ispi is forwarded without a byte-order conversion,
 * whereas the multi-byte fields in the other handlers of this file are
 * converted - confirm that is intended for this field.
 * NOTE(review): the clib_error_t returned by the callee is only tested,
 * never released or logged, on the lines available - confirm.
 * NOTE(review): recovered from a listing that elides lines; the
 * WITH_LIBSSL guard and local declarations are restored here - confirm
 * against the tree.
 */
static void
  vl_api_ikev2_initiate_rekey_child_sa_t_handler
  (vl_api_ikev2_initiate_rekey_child_sa_t * mp)
{
  vl_api_ikev2_initiate_rekey_child_sa_reply_t *rmp;
  int rv;

#if WITH_LIBSSL > 0
  clib_error_t *err = ikev2_initiate_rekey_child_sa (vlib_get_main (),
                                                     mp->ispi);

  rv = err ? VNET_API_ERROR_UNSPECIFIED : 0;
#else
  rv = VNET_API_ERROR_UNIMPLEMENTED;
#endif

  /* REPLY_MACRO picks up rv, rmp and mp from this scope. */
  REPLY_MACRO (VL_API_IKEV2_INITIATE_REKEY_CHILD_SA_REPLY);
}
/*
 * Generated API glue, included as a .c file so that it is compiled as part
 * of this translation unit, after the handlers above.
 * NOTE(review): presumably this is where setup_message_id_table() comes
 * from - confirm in the generated file.
 */
#include <ikev2/ikev2.api.c>

/*
 * Init-time hook: reserve this plugin's API message ids and record the
 * base in ikev2_main.msg_id_base, which REPLY_MSG_ID_BASE and the
 * get_version handler read when they build replies.
 *
 * vm is unused. Returns 0, i.e. no error is reported.
 *
 * NOTE(review): recovered from a listing that elides lines; the braces and
 * the `return 0;` are restored here - confirm against the tree.
 */
static clib_error_t *
ikev2_api_init (vlib_main_t * vm)
{
  /* Ask for a correctly-sized block of API message decode slots */
  ikev2_main.msg_id_base = setup_message_id_table ();

  return 0;
}

VLIB_INIT_FUNCTION (ikev2_api_init);
/*
 * fd.io coding-style-patch-verification: ON
 *
 * Local Variables:
 * eval: (c-set-style "gnu")
 * End:
 */