/* $OpenBSD: sasyncd.h,v 1.19 2018/04/10 15:58:21 cheloha Exp $ */

/*
 * Copyright (c) 2005 Håkan Olsson.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * This code was written under funding by Multicom Security AB.
 */

/*
 * Shared declarations for sasyncd: run-time configuration state, flag
 * bits, the on-the-wire message header layout and the per-file
 * prototypes (conf.c, carp.c, log.c, monitor.c, net.c, pfkey.c, timer.c).
 *
 * NOTE(review): the prototypes below use fd_set and pid_t, which neither
 * include here provides; includers presumably pull in <sys/types.h> /
 * <sys/select.h> first -- confirm before reordering includes in the .c files.
 */

#include <netinet/in.h>	/* in_port_t and sa_family_t */
#include <sys/queue.h>

/*
 * Daemon run state.  The enumerator order is the index into CARPSTATES,
 * so the two must be kept in sync when a state is added.
 */
enum RUNSTATE { INIT = 0, SLAVE, MASTER, FAIL };
#define CARPSTATES { "INIT", "SLAVE", "MASTER", "FAIL" }

struct syncpeer;
struct timespec;

/* Global configuration and run-time state; a single instance is exported below. */
struct cfgstate {
	enum RUNSTATE	runstate;	/* current state */
	enum RUNSTATE	lockedstate;	/* state forced by configuration, if any -- presumably; verify in conf.c */
	int		debug;
	int		verboselevel;	/* threshold for log_msg() levels, see log.c block below */
	u_int32_t	flags;		/* FM_*, SKIP_LOCAL_SAS and CTL_* bits */

	char		*carp_ifname;	/* carp interface to track */
	char		*carp_ifgroup;
	int		carp_ifindex;

	/*
	 * Shared secret used with the peers.  This is key material held in
	 * plain form for the lifetime of the process; if it is ever
	 * replaced or released, the old buffer should be zeroized before
	 * free() (explicit_bzero) -- confirm handling in conf.c.
	 */
	char		*sharedkey;
	int		sharedkey_len;

	int		pfkey_socket;	/* PF_KEY socket, see pfkey.c */

	int		route_socket;	/* routing socket, see carp.c */

	char		*listen_on;	/* local address to bind, NULL for default -- presumably */
	in_port_t	listen_port;	/* SASYNCD_DEFAULT_PORT unless configured */
	sa_family_t	listen_family;

	int		peercnt;	/* number of entries on peerlist */
	LIST_HEAD(, syncpeer) peerlist;
};

/*
 * flags
 *
 * Bit layout of cfgstate.flags: bits 0-1 are the failover mode (FM_MASK),
 * bit 2 is SKIP_LOCAL_SAS, bits 3-4 select the controlled IKE daemon
 * (CTL_MASK).  A new flag must not overlap any of the three masks.
 */
#define FM_STARTUP	0x0000
#define FM_NEVER	0x0001
#define FM_SYNC		0x0002
#define FM_MASK		0x0003

/* Do not sync SAs to/from our peers. */
#define SKIP_LOCAL_SAS	0x0004

/* Control isakmpd or iked */
#define CTL_NONE	0x0000
#define CTL_ISAKMPD	0x0008
#define CTL_IKED	0x0010
#define CTL_DEFAULT	CTL_ISAKMPD
#define CTL_MASK	0x0018

extern struct cfgstate cfgstate;
extern int carp_demoted;	/* nonzero while we hold a carp demotion, see carp.c/monitor.c */

/* Unprivileged user the daemon runs as, and default configuration path. */
#define SASYNCD_USER		"_isakmpd"
#define SASYNCD_CFGFILE		"/etc/sasyncd.conf"

#define CARP_DEFAULT_INTERVAL	10	/* seconds between carp state checks -- presumably */
#define SASYNCD_DEFAULT_PORT	500

/*
 * sasyncd "protocol" definition
 *
 * Message format:
 *   u_int32_t	type
 *   u_int32_t	len
 *   raw data
 *
 * Both header words arrive from the peer over the network.  The receiver
 * must bound `len' against the buffer it reads into and reject any type
 * greater than MSG_MAXTYPE before dispatching on it; neither check is
 * implied by this layout -- confirm in net.c.
 */

/* sasyncd protocol message types */
#define MSG_SYNCCTL	0
#define MSG_PFKEYDATA	1
#define MSG_MAXTYPE	1	/* Increase when new types are added. */

/* Direction arguments for carp_demote(). */
#define CARP_DEC	-1
#define CARP_INC	1

#define CARP_DEMOTE_MAXTIME	60	/* upper bound on how long a demotion is held -- presumably seconds */

/* conf.c */
int	conf_parse_file(char *);	/* parse the configuration file; returns nonzero on error -- presumably */

/* carp.c */
int	carp_init(void);
void	carp_check_state(void);
void	carp_demote(int, int);	/* (CARP_INC|CARP_DEC, ...) -- see carp.c for the second argument */
void	carp_update_state(enum RUNSTATE);
void	carp_set_rfd(fd_set *);
void	carp_read_message(fd_set *);
const char* carp_state_name(enum RUNSTATE);	/* maps RUNSTATE to its CARPSTATES string */
void	control_setrun(void);


/* log.c */
/*
 * Log levels for log_msg(level, ...) roughly means:
 *  0 = errors and other important messages
 *  1 = state changes, ctl message errors and dis-/connecting peers
 *  2 = configuration and initialization messages
 *  3 = PF_KEY logging
 *  4 = misc network
 *  5 = crypto
 *  6 = timers
 */
void	log_init(char *);
/*
 * The printf format attributes let the compiler check arguments against
 * the format string; keep them so a non-literal format reaching log_msg()
 * or log_err() is flagged at build time.
 */
void	log_msg(int, const char *, ...)
	    __attribute__((__format__ (printf, 2, 3)));
void	log_err(const char *, ...)
	    __attribute__((__format__ (printf, 1, 2)));

/* monitor.c */
pid_t	monitor_init(void);	/* returns a pid, which suggests a privilege-separated child -- confirm in monitor.c */
void	monitor_loop(void);
void	monitor_carpdemote(void *);
void	monitor_carpundemote(void *);

/* net.c */
void	dump_buf(int, u_int8_t *, u_int32_t, char *);	/* (log level, buf, len, tag) -- presumably */
void	net_ctl_update_state(void);
int	net_init(void);
void	net_handle_messages(fd_set *);
/* Queue a message for a peer: (peer, type, payload, payload length). */
int	net_queue(struct syncpeer *, u_int32_t, u_int8_t *, u_int32_t);
void	net_send_messages(fd_set *);
int	net_set_rfds(fd_set *);
int	net_set_pending_wfds(fd_set *);
void	net_shutdown(void);

/* pfkey.c */
int	pfkey_init(int);
int	pfkey_queue_message(u_int8_t *, u_int32_t);	/* (message, length) */
void	pfkey_read_message(fd_set *);
void	pfkey_send_message(fd_set *);
void	pfkey_set_rfd(fd_set *);
void	pfkey_set_pending_wfd(fd_set *);
int	pfkey_set_promisc(void);
void	pfkey_shutdown(void);
void	pfkey_snapshot(void *);

/* timer.c */
void	timer_init(void);
void	timer_next_event(struct timespec *);	/* fills in the time until the next timer fires */
void	timer_run(void);
/* Register a timer: (name, delay, callback, callback argument) -- presumably; delay units per timer.c. */
int	timer_add(char *, u_int32_t, void (*)(void *), void *);