2 *------------------------------------------------------------------
3 * ipsec_api.c - ipsec api
5 * Copyright (c) 2016 Cisco and/or its affiliates.
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at:
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 *------------------------------------------------------------------
20 #include <vnet/vnet.h>
21 #include <vlibmemory/api.h>
22 #include <vnet/api_errno.h>
23 #include <vpp/app/version.h>
25 #include <ikev2/ikev2.h>
26 #include <ikev2/ikev2_priv.h>
28 /* define message IDs */
29 #include <vnet/format_fns.h>
30 #include <plugins/ikev2/ikev2.api_enum.h>
31 #include <plugins/ikev2/ikev2.api_types.h>
/* Plugin-wide IKEv2 state; declared here, defined elsewhere. */
33 extern ikev2_main_t ikev2_main;
/* Version numbers reported by the get-version handler in this file. */
35 #define IKEV2_PLUGIN_VERSION_MAJOR 1
36 #define IKEV2_PLUGIN_VERSION_MINOR 0
/*
 * Message id base for this plugin's replies.  ikev2_api_init stores the
 * value returned by setup_message_id_table () in ikev2_main.msg_id_base;
 * presumably REPLY_MACRO from the helper header included next reads this
 * define -- confirm.
 */
37 #define REPLY_MSG_ID_BASE ikev2_main.msg_id_base
38 #include <vlibapi/api_helper_macros.h>
/*
 * API handler: answers a get-version request with a
 * vl_api_ikev2_plugin_get_version_reply_t carrying
 * IKEV2_PLUGIN_VERSION_MAJOR / IKEV2_PLUGIN_VERSION_MINOR.
 * NOTE(review): this listing omits source lines (the gutter numbers skip),
 * so the return type, braces and any checks on those lines are not visible.
 */
41 vl_api_ikev2_plugin_get_version_t_handler (vl_api_ikev2_plugin_get_version_t *
44 ikev2_main_t *im = &ikev2_main;
45 vl_api_ikev2_plugin_get_version_reply_t *rmp;
46 int msg_size = sizeof (*rmp);
47 vl_api_registration_t *reg;
/* Resolve the client-supplied client_index to a registration to reply on. */
49 reg = vl_api_client_index_to_registration (mp->client_index);
/*
 * NOTE(review): reg is used by vl_api_send_msg below; a NULL check for an
 * unknown client_index presumably sits on the omitted lines 50-52 -- confirm.
 */
/* Allocate the reply and zero it so no stale allocator bytes reach the client. */
53 rmp = vl_msg_api_alloc (msg_size);
54 clib_memset (rmp, 0, msg_size);
/*
 * Reply id = plugin base + reply enum, byte-swapped for the wire.  ntohs and
 * htons perform the same swap; htons would state the host-to-network intent.
 * The assignment target is on an omitted line.
 */
56 ntohs (VL_API_IKEV2_PLUGIN_GET_VERSION_REPLY + im->msg_id_base);
/* Echo the caller's context so it can match the reply to its request. */
57 rmp->context = mp->context;
58 rmp->major = htonl (IKEV2_PLUGIN_VERSION_MAJOR);
59 rmp->minor = htonl (IKEV2_PLUGIN_VERSION_MINOR);
61 vl_api_send_msg (reg, (u8 *) rmp);
/*
 * API handler: adds or deletes the IKEv2 profile named in the request
 * (mp->is_add selects which) via ikev2_add_del_profile and sends the reply.
 * NOTE(review): this listing omits source lines (the gutter numbers skip);
 * declarations of rv / error and the branch conditions are not visible.
 */
65 vl_api_ikev2_profile_add_del_t_handler (vl_api_ikev2_profile_add_del_t * mp)
67 vl_api_ikev2_profile_add_del_reply_t *rmp;
71 vlib_main_t *vm = vlib_get_main ();
/*
 * Copy the profile name out of the message into a vector.
 * NOTE(review): "%s" reads mp->name up to the first NUL byte; the field is
 * client-controlled, so this assumes the name is terminated inside its
 * declared size -- confirm the API layer or the message definition enforces
 * that.  The vector must also be freed after the call; the free is
 * presumably on omitted line 75 -- confirm.
 */
73 u8 *tmp = format (0, "%s", mp->name);
74 error = ikev2_add_del_profile (vm, tmp, mp->is_add);
/* The conditions selecting between the two rv values are on omitted lines. */
77 rv = VNET_API_ERROR_UNSPECIFIED;
79 rv = VNET_API_ERROR_UNIMPLEMENTED;
82 REPLY_MACRO (VL_API_IKEV2_PROFILE_ADD_DEL_REPLY);
/*
 * API handler: sets the authentication method and authentication data of
 * the named profile via ikev2_set_profile_auth and sends the reply.
 * NOTE(review): this listing omits source lines (the gutter numbers skip);
 * declarations of rv / error and the branch conditions are not visible.
 */
86 vl_api_ikev2_profile_set_auth_t_handler
87 (vl_api_ikev2_profile_set_auth_t * mp)
89 vl_api_ikev2_profile_set_auth_reply_t *rmp;
93 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): data_len comes straight from the request and is held in a
 * signed int.  Nothing visible here checks that it is non-negative or that
 * data_len bytes of mp->data were actually received, yet it sizes both the
 * allocation and the copy below.  Unless the API layer bounds it, the copy
 * can read past the end of the message buffer -- add an explicit upper-bound
 * check against the received message length before vec_new / clib_memcpy.
 */
95 int data_len = ntohl (mp->data_len);
/*
 * NOTE(review): "%s" assumes the client-supplied mp->name is NUL-terminated
 * inside its declared size -- confirm.
 */
96 u8 *tmp = format (0, "%s", mp->name);
/* Private copy of the authentication data handed to the profile code. */
97 u8 *data = vec_new (u8, data_len);
98 clib_memcpy (data, mp->data, data_len);
/*
 * NOTE(review): data presumably carries key material for some auth methods;
 * confirm that tmp and data are released on the omitted lines and that any
 * copy of secret material is cleared before it is freed.
 */
99 error = ikev2_set_profile_auth (vm, tmp, mp->auth_method, data, mp->is_hex);
/* The conditions selecting between the two rv values are on omitted lines. */
103 rv = VNET_API_ERROR_UNSPECIFIED;
105 rv = VNET_API_ERROR_UNIMPLEMENTED;
108 REPLY_MACRO (VL_API_IKEV2_PROFILE_SET_AUTH_REPLY);
/*
 * API handler: sets the local or remote identity (mp->is_local selects
 * which) of the named profile via ikev2_set_profile_id and sends the reply.
 * NOTE(review): this listing omits source lines (the gutter numbers skip);
 * declarations of rv / error and the branch conditions are not visible.
 */
112 vl_api_ikev2_profile_set_id_t_handler (vl_api_ikev2_profile_set_id_t * mp)
114 vl_api_ikev2_profile_set_id_reply_t *rmp;
118 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): "%s" assumes the client-supplied mp->name is NUL-terminated
 * inside its declared size -- confirm.
 */
120 u8 *tmp = format (0, "%s", mp->name);
/*
 * NOTE(review): data_len is client-supplied and signed.  No visible check
 * ensures it is non-negative or within the bytes actually received before
 * it sizes the allocation and the copy from mp->data below; bound it
 * against the received message length unless the API layer already does.
 */
121 int data_len = ntohl (mp->data_len);
122 u8 *data = vec_new (u8, data_len);
123 clib_memcpy (data, mp->data, data_len);
/* id_type is passed through unchanged; validation is left to the callee. */
124 error = ikev2_set_profile_id (vm, tmp, mp->id_type, data, mp->is_local);
/* The conditions selecting between the two rv values are on omitted lines. */
128 rv = VNET_API_ERROR_UNSPECIFIED;
130 rv = VNET_API_ERROR_UNIMPLEMENTED;
133 REPLY_MACRO (VL_API_IKEV2_PROFILE_SET_ID_REPLY);
/*
 * API handler: enables UDP encapsulation on the named profile via
 * ikev2_set_profile_udp_encap and sends the reply.
 * NOTE(review): this listing omits source lines (the gutter numbers skip);
 * declarations of rv / error and the branch conditions are not visible.
 */
137 vl_api_ikev2_profile_set_udp_encap_t_handler
138 (vl_api_ikev2_profile_set_udp_encap_t * mp)
140 vl_api_ikev2_profile_set_udp_encap_reply_t *rmp;
144 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): "%s" assumes the client-supplied mp->name is NUL-terminated
 * inside its declared size -- confirm.
 */
146 u8 *tmp = format (0, "%s", mp->name);
147 error = ikev2_set_profile_udp_encap (vm, tmp);
/* The conditions selecting between the two rv values are on omitted lines. */
150 rv = VNET_API_ERROR_UNSPECIFIED;
152 rv = VNET_API_ERROR_UNIMPLEMENTED;
/*
 * NOTE(review): every other handler in this file passes its *_REPLY message
 * id to REPLY_MACRO, and rmp here is a ..._set_udp_encap_reply_t, but this
 * call passes the request id.  The reply therefore looks mislabelled on the
 * wire; it most likely should be VL_API_IKEV2_PROFILE_SET_UDP_ENCAP_REPLY --
 * confirm against the generated enum header.
 */
155 REPLY_MACRO (VL_API_IKEV2_PROFILE_SET_UDP_ENCAP);
/*
 * API handler: sets the local or remote traffic selector (protocol, port
 * range, IPv4 address range) of the named profile via ikev2_set_profile_ts
 * and sends the reply.
 * NOTE(review): this listing omits source lines (the gutter numbers skip);
 * declarations of rv / error and the branch conditions are not visible.
 */
159 vl_api_ikev2_profile_set_ts_t_handler (vl_api_ikev2_profile_set_ts_t * mp)
161 vl_api_ikev2_profile_set_ts_reply_t *rmp;
165 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): "%s" assumes the client-supplied mp->name is NUL-terminated
 * inside its declared size -- confirm.
 */
167 u8 *tmp = format (0, "%s", mp->name);
/*
 * Ports are converted from network to host order; the addresses are cast to
 * ip4_address_t without a byte swap.  The variable receiving the result is
 * on an omitted line.
 * NOTE(review): no range sanity check (start <= end for ports or addresses)
 * is visible here; a traffic selector decides which traffic the tunnel
 * protects, so confirm the callee rejects inverted or empty ranges.
 */
169 ikev2_set_profile_ts (vm, tmp, mp->proto,
170 clib_net_to_host_u16 (mp->start_port),
171 clib_net_to_host_u16 (mp->end_port),
172 (ip4_address_t) mp->start_addr,
173 (ip4_address_t) mp->end_addr, mp->is_local);
/* The conditions selecting between the two rv values are on omitted lines. */
176 rv = VNET_API_ERROR_UNSPECIFIED;
178 rv = VNET_API_ERROR_UNIMPLEMENTED;
181 REPLY_MACRO (VL_API_IKEV2_PROFILE_SET_TS_REPLY);
/*
 * API handler: hands the key file path from the request to
 * ikev2_set_local_key and sends the reply.
 * NOTE(review): this listing omits source lines (the gutter numbers skip);
 * declarations of rv / error and the branch conditions are not visible.
 */
185 vl_api_ikev2_set_local_key_t_handler (vl_api_ikev2_set_local_key_t * mp)
187 vl_api_ikev2_set_local_key_reply_t *rmp;
191 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): mp->key_file is passed as received, without a copy or an
 * explicit terminator.  It is a client-chosen filesystem path that the
 * callee presumably opens to load the local private key, so confirm that
 * (a) the field is NUL-terminated inside its declared size and (b) only
 * trusted clients can reach this API, since the path is opened with the
 * privileges of this process.
 */
194 error = ikev2_set_local_key (vm, mp->key_file);
/* The conditions selecting between the two rv values are on omitted lines. */
196 rv = VNET_API_ERROR_UNSPECIFIED;
198 rv = VNET_API_ERROR_UNIMPLEMENTED;
201 REPLY_MACRO (VL_API_IKEV2_SET_LOCAL_KEY_REPLY);
/*
 * API handler: sets the responder (interface index and IPv4 address) of the
 * named profile via ikev2_set_profile_responder and sends the reply.
 * NOTE(review): this listing omits source lines (the gutter numbers skip);
 * declarations of rv / error / ip4 and the branch conditions are not visible.
 */
205 vl_api_ikev2_set_responder_t_handler (vl_api_ikev2_set_responder_t * mp)
207 vl_api_ikev2_set_responder_reply_t *rmp;
211 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): "%s" assumes the client-supplied mp->name is NUL-terminated
 * inside its declared size -- confirm.
 */
214 u8 *tmp = format (0, "%s", mp->name);
/* Fixed-size copy: exactly sizeof (ip4) bytes are taken from the message. */
216 clib_memcpy (&ip4, mp->address, sizeof (ip4));
/*
 * NOTE(review): sw_if_index is converted and passed through.  The
 * tunnel-interface handler in this file guards its index with
 * VALIDATE_SW_IF_INDEX; no such guard is visible here -- confirm the callee
 * rejects an index that does not name an existing interface.
 */
218 error = ikev2_set_profile_responder (vm, tmp, ntohl (mp->sw_if_index), ip4);
/* The conditions selecting between the two rv values are on omitted lines. */
221 rv = VNET_API_ERROR_UNSPECIFIED;
223 rv = VNET_API_ERROR_UNIMPLEMENTED;
226 REPLY_MACRO (VL_API_IKEV2_SET_RESPONDER_REPLY);
/*
 * API handler: sets the IKE SA transforms (encryption algorithm, integrity
 * algorithm, DH group, encryption key size) of the named profile via
 * ikev2_set_profile_ike_transforms and sends the reply.
 * NOTE(review): this listing omits source lines (the gutter numbers skip);
 * declarations of rv / error and the branch conditions are not visible.
 */
230 vl_api_ikev2_set_ike_transforms_t_handler (vl_api_ikev2_set_ike_transforms_t *
233 vl_api_ikev2_set_ike_transforms_reply_t *rmp;
237 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): "%s" assumes the client-supplied mp->name is NUL-terminated
 * inside its declared size -- confirm.
 */
240 u8 *tmp = format (0, "%s", mp->name);
/*
 * All four values are converted to host order and passed through unchecked.
 * NOTE(review): confirm the callee rejects unknown algorithm ids, DH groups
 * and key sizes, since these choices set the strength of the negotiated SA.
 * The variable receiving the result is on an omitted line.
 */
243 ikev2_set_profile_ike_transforms (vm, tmp, ntohl (mp->crypto_alg),
244 ntohl (mp->integ_alg),
245 ntohl (mp->dh_group),
246 ntohl (mp->crypto_key_size));
/* The conditions selecting between the two rv values are on omitted lines. */
249 rv = VNET_API_ERROR_UNSPECIFIED;
251 rv = VNET_API_ERROR_UNIMPLEMENTED;
254 REPLY_MACRO (VL_API_IKEV2_SET_IKE_TRANSFORMS_REPLY);
/*
 * API handler: sets the ESP (child SA) transforms (encryption algorithm,
 * integrity algorithm, DH group, encryption key size) of the named profile
 * via ikev2_set_profile_esp_transforms and sends the reply.
 * NOTE(review): this listing omits source lines (the gutter numbers skip);
 * declarations of rv / error and the branch conditions are not visible.
 */
258 vl_api_ikev2_set_esp_transforms_t_handler (vl_api_ikev2_set_esp_transforms_t *
261 vl_api_ikev2_set_esp_transforms_reply_t *rmp;
265 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): "%s" assumes the client-supplied mp->name is NUL-terminated
 * inside its declared size -- confirm.
 */
268 u8 *tmp = format (0, "%s", mp->name);
/*
 * All four values are converted to host order and passed through unchecked.
 * NOTE(review): confirm the callee rejects unknown algorithm ids, DH groups
 * and key sizes, since these choices set the strength of the data-plane SA.
 * The variable receiving the result is on an omitted line.
 */
271 ikev2_set_profile_esp_transforms (vm, tmp, ntohl (mp->crypto_alg),
272 ntohl (mp->integ_alg),
273 ntohl (mp->dh_group),
274 ntohl (mp->crypto_key_size));
/* The conditions selecting between the two rv values are on omitted lines. */
277 rv = VNET_API_ERROR_UNSPECIFIED;
279 rv = VNET_API_ERROR_UNIMPLEMENTED;
282 REPLY_MACRO (VL_API_IKEV2_SET_ESP_TRANSFORMS_REPLY);
/*
 * API handler: sets the SA lifetime parameters (lifetime, jitter, handover,
 * maximum data) of the named profile via ikev2_set_profile_sa_lifetime and
 * sends the reply.
 * NOTE(review): this listing omits source lines (the gutter numbers skip);
 * declarations of rv / error and the branch conditions are not visible.
 */
286 vl_api_ikev2_set_sa_lifetime_t_handler (vl_api_ikev2_set_sa_lifetime_t * mp)
288 vl_api_ikev2_set_sa_lifetime_reply_t *rmp;
292 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): "%s" assumes the client-supplied mp->name is NUL-terminated
 * inside its declared size -- confirm.
 */
295 u8 *tmp = format (0, "%s", mp->name);
/*
 * lifetime is swapped as a 64-bit value, jitter and handover as 32-bit
 * values.  The conversion applied to lifetime_maxdata is on omitted line
 * 302, as is the variable receiving the result.
 * NOTE(review): no bounds are visible here; confirm the callee copes with
 * zero or very large lifetimes, which control how often keys are renewed.
 */
298 ikev2_set_profile_sa_lifetime (vm, tmp,
299 clib_net_to_host_u64 (mp->lifetime),
300 ntohl (mp->lifetime_jitter),
301 ntohl (mp->handover),
303 (mp->lifetime_maxdata));
/* The conditions selecting between the two rv values are on omitted lines. */
306 rv = VNET_API_ERROR_UNSPECIFIED;
308 rv = VNET_API_ERROR_UNIMPLEMENTED;
311 REPLY_MACRO (VL_API_IKEV2_SET_SA_LIFETIME_REPLY);
/*
 * API handler: binds the named profile to a tunnel interface via
 * ikev2_set_profile_tunnel_interface and sends the reply.
 * NOTE(review): this listing omits source lines (the gutter numbers skip);
 * declarations of rv / error and the branch conditions are not visible.
 */
315 vl_api_ikev2_set_tunnel_interface_t_handler
316 (vl_api_ikev2_set_tunnel_interface_t * mp)
318 vl_api_ikev2_set_tunnel_interface_reply_t *rmp;
/*
 * Check the client-supplied interface index before anything uses it.  The
 * macro presumably sets rv and jumps to BAD_SW_IF_INDEX_LABEL on an invalid
 * index -- confirm against the helper macros header.
 */
321 VALIDATE_SW_IF_INDEX (mp);
/*
 * NOTE(review): "%s" assumes the client-supplied mp->name is NUL-terminated
 * inside its declared size -- confirm.
 */
324 u8 *tmp = format (0, "%s", mp->name);
327 error = ikev2_set_profile_tunnel_interface (vlib_get_main (), tmp,
328 ntohl (mp->sw_if_index));
/* The conditions selecting between the two rv values are on omitted lines. */
331 rv = VNET_API_ERROR_UNSPECIFIED;
334 rv = VNET_API_ERROR_UNIMPLEMENTED;
/* Label paired with VALIDATE_SW_IF_INDEX above; the reply is still sent. */
337 BAD_SW_IF_INDEX_LABEL;
338 REPLY_MACRO (VL_API_IKEV2_SET_TUNNEL_INTERFACE_REPLY);
/*
 * API handler: starts an IKE SA_INIT exchange for the named profile via
 * ikev2_initiate_sa_init and sends the reply.
 * NOTE(review): this listing omits source lines (the gutter numbers skip);
 * declarations of rv / error and the branch conditions are not visible.
 */
342 vl_api_ikev2_initiate_sa_init_t_handler (vl_api_ikev2_initiate_sa_init_t * mp)
344 vl_api_ikev2_initiate_sa_init_reply_t *rmp;
348 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): "%s" assumes the client-supplied mp->name is NUL-terminated
 * inside its declared size -- confirm.
 */
351 u8 *tmp = format (0, "%s", mp->name);
353 error = ikev2_initiate_sa_init (vm, tmp);
/* The conditions selecting between the two rv values are on omitted lines. */
356 rv = VNET_API_ERROR_UNSPECIFIED;
358 rv = VNET_API_ERROR_UNIMPLEMENTED;
361 REPLY_MACRO (VL_API_IKEV2_INITIATE_SA_INIT_REPLY);
/*
 * API handler: requests deletion of the IKE SA identified by mp->ispi via
 * ikev2_initiate_delete_ike_sa and sends the reply.
 * NOTE(review): this listing omits source lines (the gutter numbers skip);
 * declarations of rv / error and the branch conditions are not visible.
 */
365 vl_api_ikev2_initiate_del_ike_sa_t_handler (vl_api_ikev2_initiate_del_ike_sa_t
368 vl_api_ikev2_initiate_del_ike_sa_reply_t *rmp;
372 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): ispi is passed as received.  Other multi-byte request
 * fields in this file go through ntohl / clib_net_to_host_u64 first --
 * confirm which byte order the callee expects for the SPI.
 */
375 error = ikev2_initiate_delete_ike_sa (vm, mp->ispi);
/* The conditions selecting between the two rv values are on omitted lines. */
377 rv = VNET_API_ERROR_UNSPECIFIED;
379 rv = VNET_API_ERROR_UNIMPLEMENTED;
382 REPLY_MACRO (VL_API_IKEV2_INITIATE_DEL_IKE_SA_REPLY);
/*
 * API handler: requests deletion of the child SA identified by mp->ispi via
 * ikev2_initiate_delete_child_sa and sends the reply.
 * NOTE(review): this listing omits source lines (the gutter numbers skip);
 * declarations of rv / error and the branch conditions are not visible.
 */
386 vl_api_ikev2_initiate_del_child_sa_t_handler
387 (vl_api_ikev2_initiate_del_child_sa_t * mp)
389 vl_api_ikev2_initiate_del_child_sa_reply_t *rmp;
393 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): ispi is passed as received.  Other multi-byte request
 * fields in this file go through ntohl / clib_net_to_host_u64 first --
 * confirm which byte order the callee expects for the SPI.
 */
396 error = ikev2_initiate_delete_child_sa (vm, mp->ispi);
/* The conditions selecting between the two rv values are on omitted lines. */
398 rv = VNET_API_ERROR_UNSPECIFIED;
400 rv = VNET_API_ERROR_UNIMPLEMENTED;
403 REPLY_MACRO (VL_API_IKEV2_INITIATE_DEL_CHILD_SA_REPLY);
/*
 * API handler: requests a rekey of the child SA identified by mp->ispi via
 * ikev2_initiate_rekey_child_sa and sends the reply.
 * NOTE(review): this listing omits source lines (the gutter numbers skip);
 * declarations of rv / error and the branch conditions are not visible.
 */
407 vl_api_ikev2_initiate_rekey_child_sa_t_handler
408 (vl_api_ikev2_initiate_rekey_child_sa_t * mp)
410 vl_api_ikev2_initiate_rekey_child_sa_reply_t *rmp;
414 vlib_main_t *vm = vlib_get_main ();
/*
 * NOTE(review): ispi is passed as received.  Other multi-byte request
 * fields in this file go through ntohl / clib_net_to_host_u64 first --
 * confirm which byte order the callee expects for the SPI.
 */
417 error = ikev2_initiate_rekey_child_sa (vm, mp->ispi);
/* The conditions selecting between the two rv values are on omitted lines. */
419 rv = VNET_API_ERROR_UNSPECIFIED;
421 rv = VNET_API_ERROR_UNIMPLEMENTED;
424 REPLY_MACRO (VL_API_IKEV2_INITIATE_REKEY_CHILD_SA_REPLY);
427 #include <ikev2/ikev2.api.c>
/*
 * Init hook for the IKEv2 binary API: obtains the plugin's message id base
 * from setup_message_id_table () and stores it in ikev2_main.msg_id_base,
 * the value REPLY_MSG_ID_BASE expands to in this file.
 * NOTE(review): this listing omits source lines (the gutter numbers skip);
 * the braces and the return statement are not visible.
 */
428 static clib_error_t *
429 ikev2_api_init (vlib_main_t * vm)
431 ikev2_main_t *im = &ikev2_main;
433 /* Ask for a correctly-sized block of API message decode slots */
434 im->msg_id_base = setup_message_id_table ();
/* Presumably registers ikev2_api_init to run during vlib start-up -- confirm. */
439 VLIB_INIT_FUNCTION (ikev2_api_init);
442 * fd.io coding-style-patch-verification: ON
445 * eval: (c-set-style "gnu")