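/* $OpenBSD: sasyncd.h,v 1.19 2018/04/10 15:58:21 cheloha Exp $ */

/*
 * Copyright (c) 2005 Håkan Olsson.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * This code was written under funding by Multicom Security AB.
 */

/*
 * sasyncd.h - shared declarations for sasyncd, the IPsec SA
 * synchronisation daemon: global configuration/run state, the on-wire
 * message framing used between peers, and the per-module entry points.
 *
 * Include guard added so the header is safe to include more than once;
 * <sys/types.h> and <sys/select.h> are included explicitly because the
 * declarations below use u_int8_t/u_int32_t, pid_t and fd_set and must
 * not depend on whatever the including .c file happened to pull in first.
 */
#ifndef SASYNCD_H
#define SASYNCD_H

#include <sys/types.h>		/* u_int8_t, u_int32_t, pid_t */
#include <sys/queue.h>		/* LIST_HEAD */
#include <sys/select.h>		/* fd_set */
#include <netinet/in.h>		/* in_port_t and sa_family_t */

/*
 * Daemon run state.  CARPSTATES is the matching table of state names
 * and MUST stay in the same order as the enumerators, since it is
 * (presumably, see carp_state_name() in carp.c) indexed by RUNSTATE.
 */
enum RUNSTATE { INIT = 0, SLAVE, MASTER, FAIL };
#define CARPSTATES { "INIT", "SLAVE", "MASTER", "FAIL" }

struct syncpeer;	/* opaque here; the peer record lives in net.c */
struct timespec;	/* only used by pointer, see timer_next_event() */

/*
 * Global daemon configuration and run-time state (one instance, cfgstate,
 * declared extern below and filled in by conf_parse_file() and the
 * carp/net/pfkey modules).
 */
struct cfgstate {
	enum RUNSTATE	runstate;	/* current state, see RUNSTATE */
	enum RUNSTATE	lockedstate;	/* NOTE(review): presumably a state
					 * forced by configuration that
					 * overrides CARP; confirm in conf.c */
	int		debug;		/* non-zero: stay in the foreground,
					 * presumably; see monitor.c/log.c */
	int		verboselevel;	/* threshold for log_msg() levels,
					 * see the table above log.c below */
	u_int32_t	flags;		/* bit set of FM_*, SKIP_LOCAL_SAS
					 * and CTL_* below */

	char		*carp_ifname;	/* CARP interface whose state drives
					 * runstate (carp.c) */
	char		*carp_ifgroup;
	int		carp_ifindex;

	char		*sharedkey;	/* peer-channel secret from the
					 * config file; sharedkey_len bytes,
					 * not necessarily NUL-terminated.
					 * Sensitive: explicit_bzero() before
					 * freeing or reloading. */
	int		sharedkey_len;

	int		pfkey_socket;	/* PF_KEY socket (pfkey.c) */

	int		route_socket;	/* routing socket, used by carp.c to
					 * learn about state changes */

	char		*listen_on;	/* local address peers connect to */
	in_port_t	listen_port;	/* defaults to SASYNCD_DEFAULT_PORT */
	sa_family_t	listen_family;

	int		peercnt;	/* number of entries in peerlist */
	LIST_HEAD(, syncpeer) peerlist;
};

/*
 * cfgstate.flags.
 *
 * FM_* (FM_MASK selects them) are mutually exclusive.  NOTE(review): they
 * presumably correspond to the "flushmode" configuration keyword
 * (startup/never/sync) - confirm against conf.c before relying on that.
 */
#define FM_STARTUP	0x0000
#define FM_NEVER	0x0001
#define FM_SYNC		0x0002
#define FM_MASK		0x0003

/* Do not sync SAs to/from our peers. */
#define SKIP_LOCAL_SAS	0x0004

/*
 * Control isakmpd or iked.  Exactly one of CTL_NONE/CTL_ISAKMPD/CTL_IKED
 * is selected in cfgstate.flags & CTL_MASK; the bits do not overlap with
 * FM_MASK or SKIP_LOCAL_SAS.
 */
#define CTL_NONE	0x0000
#define CTL_ISAKMPD	0x0008
#define CTL_IKED	0x0010
#define CTL_DEFAULT	CTL_ISAKMPD
#define CTL_MASK	0x0018

extern struct cfgstate	cfgstate;
extern int		carp_demoted;	/* non-zero while we hold a CARP
					 * demotion, see carp_demote() */

/*
 * Account the daemon drops privileges to (presumably in monitor.c) and
 * the default configuration file.
 */
#define SASYNCD_USER		"_isakmpd"
#define SASYNCD_CFGFILE		"/etc/sasyncd.conf"

/* Presumably seconds between CARP state checks; confirm in carp.c. */
#define CARP_DEFAULT_INTERVAL	10
/*
 * Default peer port.  500 is also the IKE port used by isakmpd/iked;
 * NOTE(review): that only works if sasyncd's peer channel is not UDP -
 * verify the transport in net.c before changing anything here.
 */
#define SASYNCD_DEFAULT_PORT	500

/*
 * sasyncd "protocol" definition
 *
 * Message format:
 *	u_int32_t	type
 *	u_int32_t	len
 *	raw data
 *
 * Both header fields arrive from the peer and are therefore untrusted
 * input: a receiver must reject type > MSG_MAXTYPE and bound len against
 * the receive buffer before touching the raw data.  This framing itself
 * carries no integrity or authentication field; whatever protection the
 * peer channel applies with cfgstate.sharedkey happens around it in net.c.
 */

/* sasyncd protocol message types */
#define MSG_SYNCCTL	0
#define MSG_PFKEYDATA	1
#define MSG_MAXTYPE	1	/* Increase when new types are added. */

/* Direction arguments for CARP demotion, see carp_demote(). */
#define CARP_DEC	(-1)
#define CARP_INC	1

/* Upper bound (presumably seconds) for how long a demotion is held. */
#define CARP_DEMOTE_MAXTIME	60

/* conf.c */
int	conf_parse_file(char *);	/* path; returns non-zero on error */

/* carp.c */
int	carp_init(void);
void	carp_check_state(void);
void	carp_demote(int, int);		/* (CARP_DEC|CARP_INC, ...) */
void	carp_update_state(enum RUNSTATE);
void	carp_set_rfd(fd_set *);
void	carp_read_message(fd_set *);
const char *carp_state_name(enum RUNSTATE);
void	control_setrun(void);

/* log.c */
/*
 * Log levels for log_msg(level, ...) roughly means:
 *	0 = errors and other important messages
 *	1 = state changes, ctl message errors and dis-/connecting peers
 *	2 = configuration and initialization messages
 *	3 = PF_KEY logging
 *	4 = misc network
 *	5 = crypto
 *	6 = timers
 *
 * Both log functions are printf-like; the format attribute lets the
 * compiler check arguments, so never pass attacker-influenced text as
 * the format string - use "%s".
 */
void	log_init(char *);
void	log_msg(int, const char *, ...)
	    __attribute__((__format__ (printf, 2, 3)));
void	log_err(const char *, ...)
	    __attribute__((__format__ (printf, 1, 2)));

/* monitor.c */
pid_t	monitor_init(void);
void	monitor_loop(void);
void	monitor_carpdemote(void *);	/* timer callbacks, see timer_add() */
void	monitor_carpundemote(void *);

/* net.c */
/* dump_buf(loglevel, buf, len, label) - hex dump at the given log level. */
void	dump_buf(int, u_int8_t *, u_int32_t, char *);
void	net_ctl_update_state(void);
int	net_init(void);
void	net_handle_messages(fd_set *);
/* net_queue(peer, MSG_* type, data, len); see the message format above. */
int	net_queue(struct syncpeer *, u_int32_t, u_int8_t *, u_int32_t);
void	net_send_messages(fd_set *);
int	net_set_rfds(fd_set *);
int	net_set_pending_wfds(fd_set *);
void	net_shutdown(void);

/* pfkey.c */
int	pfkey_init(int);
int	pfkey_queue_message(u_int8_t *, u_int32_t);	/* (data, len) */
void	pfkey_read_message(fd_set *);
void	pfkey_send_message(fd_set *);
void	pfkey_set_rfd(fd_set *);
void	pfkey_set_pending_wfd(fd_set *);
int	pfkey_set_promisc(void);
void	pfkey_shutdown(void);
void	pfkey_snapshot(void *);		/* timer callback */

/* timer.c */
void	timer_init(void);
void	timer_next_event(struct timespec *);
void	timer_run(void);
/* timer_add(name, delay, callback, arg); delay unit not shown here. */
int	timer_add(char *, u_int32_t, void (*)(void *), void *);

#endif /* SASYNCD_H */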