2 *------------------------------------------------------------------
3 * ipsec_api.c - ipsec api
5 * Copyright (c) 2016 Cisco and/or its affiliates.
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at:
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 *------------------------------------------------------------------
20 #include <vnet/vnet.h>
21 #include <vlibmemory/api.h>
22 #include <vnet/api_errno.h>
23 #include <vpp/app/version.h>
25 #include <ikev2/ikev2.h>
26 #include <ikev2/ikev2_priv.h>
28 /* define message IDs */
29 #include <vnet/format_fns.h>
30 #include <plugins/ikev2/ikev2.api_enum.h>
31 #include <plugins/ikev2/ikev2.api_types.h>
33 extern ikev2_main_t ikev2_main;
35 #define IKEV2_PLUGIN_VERSION_MAJOR 1
36 #define IKEV2_PLUGIN_VERSION_MINOR 0
37 #define REPLY_MSG_ID_BASE ikev2_main.msg_id_base
38 #include <vlibapi/api_helper_macros.h>
/*
 * Handler for the ikev2_plugin_get_version API request: builds a reply
 * carrying IKEV2_PLUGIN_VERSION_MAJOR / IKEV2_PLUGIN_VERSION_MINOR and sends
 * it to the client that issued the request.
 *
 * The gutter numbers embedded in this listing skip, so some source lines are
 * not shown; the comments below describe only the visible lines.
 */
41 vl_api_ikev2_plugin_get_version_t_handler (vl_api_ikev2_plugin_get_version_t *
44 ikev2_main_t *im = &ikev2_main;
45 vl_api_ikev2_plugin_get_version_reply_t *rmp;
46 int msg_size = sizeof (*rmp);
47 vl_api_registration_t *reg;
/*
 * client_index comes from the request and is used to look up the sender's
 * registration. NOTE(review): no NULL check on reg is visible between this
 * lookup and the send below -- confirm one exists on the elided lines.
 */
49 reg = vl_api_client_index_to_registration (mp->client_index);
/*
 * The reply is sized from the reply struct and zeroed, so any field not set
 * below goes out as 0 rather than whatever the allocator returned.
 */
53 rmp = vl_msg_api_alloc (msg_size);
54 clib_memset (rmp, 0, msg_size);
/*
 * The assignment target of this expression is on an elided line.
 * NOTE(review): ntohs() is applied to a host-order value here; it performs the
 * same swap as htons(), but htons() would state the intended direction.
 */
56 ntohs (VL_API_IKEV2_PLUGIN_GET_VERSION_REPLY + im->msg_id_base);
/* context is echoed back unchanged from the request. */
57 rmp->context = mp->context;
58 rmp->major = htonl (IKEV2_PLUGIN_VERSION_MAJOR);
59 rmp->minor = htonl (IKEV2_PLUGIN_VERSION_MINOR);
61 vl_api_send_msg (reg, (u8 *) rmp);
/*
 * Handler for ikev2_profile_set_liveness: converts the period and max_retries
 * fields from network byte order and passes them to
 * ikev2_set_liveness_params(), then replies with rv.
 *
 * Some source lines are missing from this listing (the gutter numbers skip).
 */
65 vl_api_ikev2_profile_set_liveness_t_handler
66 (vl_api_ikev2_profile_set_liveness_t * mp)
68 vl_api_ikev2_profile_set_liveness_reply_t *rmp;
/*
 * NOTE(review): no range check on the two client-supplied values is visible
 * here; confirm that ikev2_set_liveness_params() rejects values it cannot
 * honour (for example a zero period).
 */
73 error = ikev2_set_liveness_params (clib_net_to_host_u32 (mp->period),
74 clib_net_to_host_u32 (mp->max_retries));
/*
 * Both rv assignments are visible, but the conditions that select them are on
 * elided lines (presumably an error check and a build-time conditional --
 * confirm against the full file).
 */
76 rv = VNET_API_ERROR_UNSPECIFIED;
78 rv = VNET_API_ERROR_UNIMPLEMENTED;
81 REPLY_MACRO (VL_API_IKEV2_PROFILE_SET_LIVENESS_REPLY);
/*
 * Handler for ikev2_profile_add_del: copies the profile name out of the
 * request and calls ikev2_add_del_profile() with the request's is_add flag,
 * then replies with rv.
 *
 * Some source lines are missing from this listing (the gutter numbers skip).
 */
85 vl_api_ikev2_profile_add_del_t_handler (vl_api_ikev2_profile_add_del_t * mp)
87 vl_api_ikev2_profile_add_del_reply_t *rmp;
91 vlib_main_t *vm = vlib_get_main ();
/*
 * format (0, ...) allocates a new vector holding the formatted name.
 * NOTE(review): "%s" stops only at a NUL byte and mp->name is filled in by the
 * API client; confirm the field is guaranteed to be terminated, otherwise the
 * copy reads past it. The release of tmp is not visible in this listing.
 */
93 u8 *tmp = format (0, "%s", mp->name);
94 error = ikev2_add_del_profile (vm, tmp, mp->is_add);
/* The conditions selecting between these two rv values are on elided lines. */
97 rv = VNET_API_ERROR_UNSPECIFIED;
99 rv = VNET_API_ERROR_UNIMPLEMENTED;
102 REPLY_MACRO (VL_API_IKEV2_PROFILE_ADD_DEL_REPLY);
/*
 * Handler for ikev2_profile_set_auth: copies the profile name and data_len
 * bytes of authentication data out of the request and passes them, with the
 * request's auth_method and is_hex fields, to ikev2_set_profile_auth().
 *
 * Some source lines are missing from this listing (the gutter numbers skip).
 */
106 vl_api_ikev2_profile_set_auth_t_handler
107 (vl_api_ikev2_profile_set_auth_t * mp)
109 vl_api_ikev2_profile_set_auth_reply_t *rmp;
113 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): data_len is a client-controlled 32-bit value stored in a
 * signed int and then used as both the allocation size and the copy length.
 * No check is visible that it is non-negative or that mp->data really holds
 * that many bytes in the received message; without one the memcpy below can
 * read beyond the message buffer. Validate data_len against the message's
 * actual length (and a sane upper bound) before allocating or copying.
 */
115 int data_len = ntohl (mp->data_len);
/*
 * NOTE(review): "%s" stops only at a NUL byte; confirm mp->name is guaranteed
 * to be terminated.
 */
116 u8 *tmp = format (0, "%s", mp->name);
117 u8 *data = vec_new (u8, data_len);
118 clib_memcpy (data, mp->data, data_len);
/*
 * NOTE(review): data presumably carries key material for the profile; the
 * release of tmp and data is on elided lines, so it is not visible whether the
 * temporary copy is cleared before it is freed -- confirm.
 */
119 error = ikev2_set_profile_auth (vm, tmp, mp->auth_method, data, mp->is_hex);
/* The conditions selecting between these two rv values are on elided lines. */
123 rv = VNET_API_ERROR_UNSPECIFIED;
125 rv = VNET_API_ERROR_UNIMPLEMENTED;
128 REPLY_MACRO (VL_API_IKEV2_PROFILE_SET_AUTH_REPLY);
/*
 * Handler for ikev2_profile_set_id: copies the profile name and data_len bytes
 * of identity data out of the request and passes them, with the request's
 * id_type and is_local fields, to ikev2_set_profile_id().
 *
 * Some source lines are missing from this listing (the gutter numbers skip).
 */
132 vl_api_ikev2_profile_set_id_t_handler (vl_api_ikev2_profile_set_id_t * mp)
134 vl_api_ikev2_profile_set_id_reply_t *rmp;
138 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): "%s" stops only at a NUL byte; confirm mp->name is guaranteed
 * to be terminated.
 */
140 u8 *tmp = format (0, "%s", mp->name);
/*
 * NOTE(review): data_len is client-controlled, held in a signed int, and used
 * unchecked as the allocation size and the copy length. Nothing visible here
 * ties it to the number of bytes actually present after mp->data, so an
 * oversized or negative value can drive the memcpy outside the message.
 * Bound it against the received message length before use.
 */
141 int data_len = ntohl (mp->data_len);
142 u8 *data = vec_new (u8, data_len);
143 clib_memcpy (data, mp->data, data_len);
144 error = ikev2_set_profile_id (vm, tmp, mp->id_type, data, mp->is_local);
/* The conditions selecting between these two rv values are on elided lines. */
148 rv = VNET_API_ERROR_UNSPECIFIED;
150 rv = VNET_API_ERROR_UNIMPLEMENTED;
153 REPLY_MACRO (VL_API_IKEV2_PROFILE_SET_ID_REPLY);
/*
 * Handler for ikev2_profile_set_udp_encap: copies the profile name out of the
 * request and calls ikev2_set_profile_udp_encap() for that profile.
 *
 * Some source lines are missing from this listing (the gutter numbers skip).
 */
157 vl_api_ikev2_profile_set_udp_encap_t_handler
158 (vl_api_ikev2_profile_set_udp_encap_t * mp)
160 vl_api_ikev2_profile_set_udp_encap_reply_t *rmp;
164 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): "%s" stops only at a NUL byte; confirm mp->name is guaranteed
 * to be terminated.
 */
166 u8 *tmp = format (0, "%s", mp->name);
167 error = ikev2_set_profile_udp_encap (vm, tmp);
/* The conditions selecting between these two rv values are on elided lines. */
170 rv = VNET_API_ERROR_UNSPECIFIED;
172 rv = VNET_API_ERROR_UNIMPLEMENTED;
/*
 * NOTE(review): every other handler in this file passes its *_REPLY message id
 * to REPLY_MACRO; this one passes the request id. It looks like the _REPLY
 * suffix was dropped, which would tag the reply with the wrong message id --
 * confirm against the generated ikev2.api_enum.h.
 */
175 REPLY_MACRO (VL_API_IKEV2_PROFILE_SET_UDP_ENCAP);
/*
 * Handler for ikev2_profile_set_ts: passes the request's traffic-selector
 * fields (proto, start/end port, start/end IPv4 address, is_local) to
 * ikev2_set_profile_ts() for the named profile.
 *
 * Some source lines are missing from this listing (the gutter numbers skip).
 */
179 vl_api_ikev2_profile_set_ts_t_handler (vl_api_ikev2_profile_set_ts_t * mp)
181 vl_api_ikev2_profile_set_ts_reply_t *rmp;
185 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): "%s" stops only at a NUL byte; confirm mp->name is guaranteed
 * to be terminated.
 */
187 u8 *tmp = format (0, "%s", mp->name);
/*
 * Ports are converted to host order; the two addresses are cast to
 * ip4_address_t without a byte-order conversion. NOTE(review): no check that
 * start <= end for either the port or the address range is visible here --
 * confirm the callee validates the ranges.
 */
189 ikev2_set_profile_ts (vm, tmp, mp->proto,
190 clib_net_to_host_u16 (mp->start_port),
191 clib_net_to_host_u16 (mp->end_port),
192 (ip4_address_t) mp->start_addr,
193 (ip4_address_t) mp->end_addr, mp->is_local);
/* The conditions selecting between these two rv values are on elided lines. */
196 rv = VNET_API_ERROR_UNSPECIFIED;
198 rv = VNET_API_ERROR_UNIMPLEMENTED;
201 REPLY_MACRO (VL_API_IKEV2_PROFILE_SET_TS_REPLY);
/*
 * Handler for ikev2_set_local_key: passes the key_file field of the request to
 * ikev2_set_local_key().
 *
 * Some source lines are missing from this listing (the gutter numbers skip).
 */
205 vl_api_ikev2_set_local_key_t_handler (vl_api_ikev2_set_local_key_t * mp)
207 vl_api_ikev2_set_local_key_reply_t *rmp;
211 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): mp->key_file is handed to the callee exactly as received --
 * unlike the name fields elsewhere in this file it is not copied first, and
 * no termination or path check is visible here. The value presumably names a
 * file that the process will open, so access to this API should be limited to
 * trusted clients; confirm what ikev2_set_local_key() validates.
 */
214 error = ikev2_set_local_key (vm, mp->key_file);
/* The conditions selecting between these two rv values are on elided lines. */
216 rv = VNET_API_ERROR_UNSPECIFIED;
218 rv = VNET_API_ERROR_UNIMPLEMENTED;
221 REPLY_MACRO (VL_API_IKEV2_SET_LOCAL_KEY_REPLY);
/*
 * Handler for ikev2_set_responder: copies the profile name and an IPv4 address
 * out of the request and calls ikev2_set_profile_responder() with them and the
 * request's sw_if_index.
 *
 * Some source lines are missing from this listing (the gutter numbers skip);
 * the declaration of ip4 is among them.
 */
225 vl_api_ikev2_set_responder_t_handler (vl_api_ikev2_set_responder_t * mp)
227 vl_api_ikev2_set_responder_reply_t *rmp;
231 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): "%s" stops only at a NUL byte; confirm mp->name is guaranteed
 * to be terminated.
 */
234 u8 *tmp = format (0, "%s", mp->name);
/* Copy length is the size of the local ip4 object, not a client value. */
236 clib_memcpy (&ip4, mp->address, sizeof (ip4));
/*
 * NOTE(review): sw_if_index is converted and passed on without the
 * VALIDATE_SW_IF_INDEX check that the set_tunnel_interface handler in this
 * file applies -- confirm the callee rejects an unknown interface index.
 */
238 error = ikev2_set_profile_responder (vm, tmp, ntohl (mp->sw_if_index), ip4);
/* The conditions selecting between these two rv values are on elided lines. */
241 rv = VNET_API_ERROR_UNSPECIFIED;
243 rv = VNET_API_ERROR_UNIMPLEMENTED;
246 REPLY_MACRO (VL_API_IKEV2_SET_RESPONDER_REPLY);
/*
 * Handler for ikev2_set_ike_transforms: converts the crypto_alg, integ_alg,
 * dh_group and crypto_key_size fields to host order and passes them to
 * ikev2_set_profile_ike_transforms() for the named profile.
 *
 * Some source lines are missing from this listing (the gutter numbers skip).
 */
250 vl_api_ikev2_set_ike_transforms_t_handler (vl_api_ikev2_set_ike_transforms_t *
253 vl_api_ikev2_set_ike_transforms_reply_t *rmp;
257 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): "%s" stops only at a NUL byte; confirm mp->name is guaranteed
 * to be terminated.
 */
260 u8 *tmp = format (0, "%s", mp->name);
/*
 * NOTE(review): the four values select the IKE SA's algorithms and key size
 * and are forwarded without a range check in this handler; confirm the callee
 * rejects unknown or unsupported identifiers rather than storing them.
 */
263 ikev2_set_profile_ike_transforms (vm, tmp, ntohl (mp->crypto_alg),
264 ntohl (mp->integ_alg),
265 ntohl (mp->dh_group),
266 ntohl (mp->crypto_key_size));
/* The conditions selecting between these two rv values are on elided lines. */
269 rv = VNET_API_ERROR_UNSPECIFIED;
271 rv = VNET_API_ERROR_UNIMPLEMENTED;
274 REPLY_MACRO (VL_API_IKEV2_SET_IKE_TRANSFORMS_REPLY);
/*
 * Handler for ikev2_set_esp_transforms: converts the crypto_alg, integ_alg,
 * dh_group and crypto_key_size fields to host order and passes them to
 * ikev2_set_profile_esp_transforms() for the named profile.
 *
 * Some source lines are missing from this listing (the gutter numbers skip).
 */
278 vl_api_ikev2_set_esp_transforms_t_handler (vl_api_ikev2_set_esp_transforms_t *
281 vl_api_ikev2_set_esp_transforms_reply_t *rmp;
285 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): "%s" stops only at a NUL byte; confirm mp->name is guaranteed
 * to be terminated.
 */
288 u8 *tmp = format (0, "%s", mp->name);
/*
 * NOTE(review): the four values select the ESP algorithms and key size and
 * are forwarded without a range check in this handler; confirm the callee
 * rejects unknown or unsupported identifiers rather than storing them.
 */
291 ikev2_set_profile_esp_transforms (vm, tmp, ntohl (mp->crypto_alg),
292 ntohl (mp->integ_alg),
293 ntohl (mp->dh_group),
294 ntohl (mp->crypto_key_size));
/* The conditions selecting between these two rv values are on elided lines. */
297 rv = VNET_API_ERROR_UNSPECIFIED;
299 rv = VNET_API_ERROR_UNIMPLEMENTED;
302 REPLY_MACRO (VL_API_IKEV2_SET_ESP_TRANSFORMS_REPLY);
/*
 * Handler for ikev2_set_sa_lifetime: passes the request's lifetime,
 * lifetime_jitter, handover and lifetime_maxdata fields to
 * ikev2_set_profile_sa_lifetime() for the named profile.
 *
 * Some source lines are missing from this listing (the gutter numbers skip).
 */
306 vl_api_ikev2_set_sa_lifetime_t_handler (vl_api_ikev2_set_sa_lifetime_t * mp)
308 vl_api_ikev2_set_sa_lifetime_reply_t *rmp;
312 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): "%s" stops only at a NUL byte; confirm mp->name is guaranteed
 * to be terminated.
 */
315 u8 *tmp = format (0, "%s", mp->name);
/*
 * lifetime is converted as a 64-bit value, jitter and handover as 32-bit
 * values. The function applied to lifetime_maxdata is on an elided line.
 * NOTE(review): no bounds are checked here (for example jitter or handover
 * larger than lifetime); confirm the callee or the rekey logic handles that.
 */
318 ikev2_set_profile_sa_lifetime (vm, tmp,
319 clib_net_to_host_u64 (mp->lifetime),
320 ntohl (mp->lifetime_jitter),
321 ntohl (mp->handover),
323 (mp->lifetime_maxdata));
/* The conditions selecting between these two rv values are on elided lines. */
326 rv = VNET_API_ERROR_UNSPECIFIED;
328 rv = VNET_API_ERROR_UNIMPLEMENTED;
331 REPLY_MACRO (VL_API_IKEV2_SET_SA_LIFETIME_REPLY);
/*
 * Handler for ikev2_profile_set_ipsec_udp_port: converts the request's port to
 * host order and passes it to ikev2_set_profile_ipsec_udp_port() for the named
 * profile.
 *
 * Some source lines are missing from this listing (the gutter numbers skip),
 * including the rest of the call's argument list.
 */
335 vl_api_ikev2_profile_set_ipsec_udp_port_t_handler
336 (vl_api_ikev2_profile_set_ipsec_udp_port_t * mp)
338 vl_api_ikev2_profile_set_ipsec_udp_port_reply_t *rmp;
342 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): "%s" stops only at a NUL byte; confirm mp->name is guaranteed
 * to be terminated.
 */
344 u8 *tmp = format (0, "%s", mp->name);
347 ikev2_set_profile_ipsec_udp_port (vm, tmp,
348 clib_net_to_host_u16 (mp->port),
/*
 * Only the UNIMPLEMENTED assignment is visible in this listing; how the
 * callee's result is mapped to rv is on elided lines.
 */
352 rv = VNET_API_ERROR_UNIMPLEMENTED;
355 REPLY_MACRO (VL_API_IKEV2_PROFILE_SET_IPSEC_UDP_PORT_REPLY);
/*
 * Handler for ikev2_set_tunnel_interface: validates the request's sw_if_index,
 * then calls ikev2_set_profile_tunnel_interface() for the named profile.
 *
 * Some source lines are missing from this listing (the gutter numbers skip).
 */
359 vl_api_ikev2_set_tunnel_interface_t_handler
360 (vl_api_ikev2_set_tunnel_interface_t * mp)
362 vl_api_ikev2_set_tunnel_interface_reply_t *rmp;
/*
 * Paired with BAD_SW_IF_INDEX_LABEL below: the interface index supplied by the
 * client is checked before anything else in the handler uses it.
 */
365 VALIDATE_SW_IF_INDEX (mp);
/*
 * NOTE(review): "%s" stops only at a NUL byte; confirm mp->name is guaranteed
 * to be terminated.
 */
368 u8 *tmp = format (0, "%s", mp->name);
371 error = ikev2_set_profile_tunnel_interface (vlib_get_main (), tmp,
372 ntohl (mp->sw_if_index));
/* The conditions selecting between these two rv values are on elided lines. */
375 rv = VNET_API_ERROR_UNSPECIFIED;
378 rv = VNET_API_ERROR_UNIMPLEMENTED;
/* Target of the validation macro above; the reply is still sent from here. */
381 BAD_SW_IF_INDEX_LABEL;
382 REPLY_MACRO (VL_API_IKEV2_SET_TUNNEL_INTERFACE_REPLY);
/*
 * Handler for ikev2_initiate_sa_init: copies the profile name out of the
 * request and calls ikev2_initiate_sa_init() for that profile.
 *
 * Some source lines are missing from this listing (the gutter numbers skip).
 */
386 vl_api_ikev2_initiate_sa_init_t_handler (vl_api_ikev2_initiate_sa_init_t * mp)
388 vl_api_ikev2_initiate_sa_init_reply_t *rmp;
392 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): "%s" stops only at a NUL byte; confirm mp->name is guaranteed
 * to be terminated.
 */
395 u8 *tmp = format (0, "%s", mp->name);
397 error = ikev2_initiate_sa_init (vm, tmp);
/* The conditions selecting between these two rv values are on elided lines. */
400 rv = VNET_API_ERROR_UNSPECIFIED;
402 rv = VNET_API_ERROR_UNIMPLEMENTED;
405 REPLY_MACRO (VL_API_IKEV2_INITIATE_SA_INIT_REPLY);
/*
 * Handler for ikev2_initiate_del_ike_sa: passes the request's ispi field to
 * ikev2_initiate_delete_ike_sa().
 *
 * Some source lines are missing from this listing (the gutter numbers skip).
 */
409 vl_api_ikev2_initiate_del_ike_sa_t_handler (vl_api_ikev2_initiate_del_ike_sa_t
412 vl_api_ikev2_initiate_del_ike_sa_reply_t *rmp;
416 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): ispi is passed without a byte-order conversion, unlike the
 * other multi-byte request fields in this file -- confirm the callee expects
 * the value in the order the client sent it.
 */
419 error = ikev2_initiate_delete_ike_sa (vm, mp->ispi);
/* The conditions selecting between these two rv values are on elided lines. */
421 rv = VNET_API_ERROR_UNSPECIFIED;
423 rv = VNET_API_ERROR_UNIMPLEMENTED;
426 REPLY_MACRO (VL_API_IKEV2_INITIATE_DEL_IKE_SA_REPLY);
/*
 * Handler for ikev2_initiate_del_child_sa: passes the request's ispi field to
 * ikev2_initiate_delete_child_sa().
 *
 * Some source lines are missing from this listing (the gutter numbers skip).
 */
430 vl_api_ikev2_initiate_del_child_sa_t_handler
431 (vl_api_ikev2_initiate_del_child_sa_t * mp)
433 vl_api_ikev2_initiate_del_child_sa_reply_t *rmp;
437 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): ispi is passed without a byte-order conversion, unlike the
 * other multi-byte request fields in this file -- confirm the callee expects
 * the value in the order the client sent it.
 */
440 error = ikev2_initiate_delete_child_sa (vm, mp->ispi);
/* The conditions selecting between these two rv values are on elided lines. */
442 rv = VNET_API_ERROR_UNSPECIFIED;
444 rv = VNET_API_ERROR_UNIMPLEMENTED;
447 REPLY_MACRO (VL_API_IKEV2_INITIATE_DEL_CHILD_SA_REPLY);
/*
 * Handler for ikev2_initiate_rekey_child_sa: passes the request's ispi field
 * to ikev2_initiate_rekey_child_sa().
 *
 * Some source lines are missing from this listing (the gutter numbers skip).
 */
451 vl_api_ikev2_initiate_rekey_child_sa_t_handler
452 (vl_api_ikev2_initiate_rekey_child_sa_t * mp)
454 vl_api_ikev2_initiate_rekey_child_sa_reply_t *rmp;
458 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): ispi is passed without a byte-order conversion, unlike the
 * other multi-byte request fields in this file -- confirm the callee expects
 * the value in the order the client sent it.
 */
461 error = ikev2_initiate_rekey_child_sa (vm, mp->ispi);
/* The conditions selecting between these two rv values are on elided lines. */
463 rv = VNET_API_ERROR_UNSPECIFIED;
465 rv = VNET_API_ERROR_UNIMPLEMENTED;
468 REPLY_MACRO (VL_API_IKEV2_INITIATE_REKEY_CHILD_SA_REPLY);
471 #include <ikev2/ikev2.api.c>
/*
 * Init function for the plugin's binary API: stores the base message id
 * returned by setup_message_id_table() in ikev2_main.msg_id_base, which the
 * handlers in this file add to their reply ids (see REPLY_MSG_ID_BASE).
 *
 * Some source lines are missing from this listing (the gutter numbers skip),
 * including the function's return statement.
 */
472 static clib_error_t *
473 ikev2_api_init (vlib_main_t * vm)
475 ikev2_main_t *im = &ikev2_main;
477 /* Ask for a correctly-sized block of API message decode slots */
478 im->msg_id_base = setup_message_id_table ();
/* Registers ikev2_api_init with the init-function mechanism. */
483 VLIB_INIT_FUNCTION (ikev2_api_init);
486 * fd.io coding-style-patch-verification: ON
489 * eval: (c-set-style "gnu")