xref: /titanic_41/usr/src/cmd/dcs/sparc/sun4u/dcs.h (revision 10a4fa49f51ed9ae1c857a626de6ce9ebf41661a)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #ifndef	_DCS_H
27 #define	_DCS_H
28 
29 #pragma ident	"%Z%%M%	%I%	%E% SMI"
30 
31 #ifdef	__cplusplus
32 extern "C" {
33 #endif
34 
35 #include <poll.h>
36 #include <signal.h>
37 
38 #include "remote_cfg.h"
39 #include "rdr_param_types.h"
40 
41 
42 #define	DCS_SERVICE		"sun-dr"
43 #define	SUN_DR_PORT		665
44 #define	DCS_BACKLOG		10
45 
46 #define	BLOCKFOREVER		(-1)
47 #define	DCS_SND_TIMEOUT		60000		/* 1 minute */
48 #define	DCS_RCV_TIMEOUT		300000		/* 5 minutes */
49 #define	DCS_RCV_CB_TIMEOUT	43200000	/* 12 hours */
50 
51 #define	DCS_ERR_OFFSET		12000
52 #define	MAX_MSG_LEN		512
53 
54 #define	DCS_MAX_SESSIONS	128
55 
56 /*
57  * Header files for per-socket IPsec
58  */
59 #include <netinet/in.h>
60 #include <net/pfkeyv2.h>
61 
62 
63 /*
64  * The IPsec socket option struct, from ipsec(7P):
65  *
66  *     typedef struct ipsec_req {
67  *         uint_t      ipsr_ah_req;            AH request
68  *         uint_t      ipsr_esp_req;           ESP request
69  *         uint_t      ipsr_self_encap_req;    Self-Encap request
70  *         uint8_t     ipsr_auth_alg;          Auth algs for AH
71  *         uint8_t     ipsr_esp_alg;           Encr algs for ESP
72  *         uint8_t     ipsr_esp_auth_alg;      Auth algs for ESP
73  *     } ipsec_req_t;
74  *
75  * The -a option sets the ipsr_auth_alg field. Allowable arguments
76  * are "none", "md5", or "sha1". The -e option sets the ipsr_esp_alg
77  * field. Allowable arguments are "none", "des", or "3des". "none"
78  * is the default for both options. The -u option sets the ipsr_esp_auth_alg
79  * field. Allowable arguments are the same as -a.
80  *
81  * The arguments ("md5", "des", etc.) are named so that they match
82  * kmd(1m)'s accepted arguments which are listed on the SC in
83  * /etc/opt/SUNWSMS/SMS/config/kmd_policy.cf.
84  */
85 #define	AH_REQ		(IPSEC_PREF_REQUIRED | IPSEC_PREF_UNIQUE)
86 #define	ESP_REQ		(IPSEC_PREF_REQUIRED | IPSEC_PREF_UNIQUE)
87 #define	SELF_ENCAP_REQ	0x0
88 
89 /*
90  * A type to hold the command line argument string used to select a
91  * particular authentication header (AH) or encapsulating security
92  * payload (ESP) algorithm and the ID used for that algorithm when
93  * filling the ipsec_req_t structure which is passed to
94  * setsockopt(3SOCKET).
95  */
96 typedef struct dcs_alg {
97 	char		*arg_name;
98 	uint8_t		alg_id;
99 } dcs_alg_t;
100 
101 
102 /*
103  * Debugging
104  */
105 #define	DBG_NONE	0x00000000
106 #define	DBG_ALL		0xFFFFFFFF
107 #define	DBG_INFO	0x00000001
108 #define	DBG_MSG		0x00000002
109 #define	DBG_SES		0x00000004
110 #define	DBG_STATE	0x00000008
111 
112 #ifdef DCS_DEBUG
113 
114 /*
115  * supported options for debug version:
116  *
117  * -d  control the amount of debugging
118  * -S  control standalone mode
119  * -s  control maximum active sessions
120  * -a  control the IPsec AH algorithm ("none", "md5", or "sha1")
121  * -e  control the IPsec ESP encr algorithm ("none", "des", or "3des")
122  * -u  control the IPsec ESP auth algorithm ("none", "md5", or "sha1")
123  * -l  control the use of libdscp for endpoint authentication.
124  */
125 #define	OPT_STR		"d:Ss:a:e:u:l"
126 
127 #else /* DCS_DEBUG */
128 
129 /*
130  * supported options for non-debug version:
131  *
132  * -s  control maximum active sessions
133  * -a  control the IPsec AH algorithm ("none", "md5", or "sha1")
134  * -e  control the IPsec ESP encr algorithm ("none", "des", or "3des")
135  * -u  control the IPsec ESP auth algorithm ("none", "md5", or "sha1")
136  * -l  control the use of libdscp for endpoint authentication.
137  */
138 #define	OPT_STR		"s:a:e:u:l"
139 
140 #endif /* DCS_DEBUG */
141 
142 
143 /*
144  * Error codes that are used internally in the DCS. These error codes
145  * are mapped to the strings listed to the right of each error code
146  * as a comment.
147  */
148 typedef enum {
149 
150 	/*
151 	 * Network Errors:
152 	 */
153 	DCS_INIT_ERR = 0,   /* network initialization failed		   */
154 	DCS_NO_PORT,	    /* failed to acquire reserved port		   */
155 	DCS_CONNECT_ERR,    /* connection attempt failed		   */
156 	DCS_RECEIVE_ERR,    /* unable to receive message		   */
157 	DCS_OP_REPLY_ERR,   /* unable to send message for %s operation	   */
158 	DCS_NO_SERV,	    /* %s service not found, using reserved	   */
159 			    /* port 665					   */
160 	DCS_DISCONNECT,	    /* client disconnected			   */
161 
162 	/*
163 	 * Session Errors:
164 	 */
165 	DCS_SES_HAND_ERR,   /* failed to start a new session handler	   */
166 	DCS_ABORT_ERR,	    /* abort attempt of session, %d, unsuccessful  */
167 	DCS_VER_INVAL,	    /* unsupported message protocol version %d.%d  */
168 	DCS_SES_ABORTED,    /* session aborted				   */
169 
170 	/*
171 	 * DR Request Errors:
172 	 */
173 	DCS_UNKNOWN_OP,	    /* unknown operation requested		   */
174 	DCS_OP_FAILED,	    /* operation failed				   */
175 	DCS_SES_SEQ_INVAL,  /* invalid session establishment sequence	   */
176 	DCS_NO_SES_ESTBL,   /* %s operation issued before session	   */
177 			    /* established				   */
178 	DCS_MSG_INVAL,	    /* received an invalid message		   */
179 	DCS_CONF_CB_ERR,    /* confirm callback failed, aborting operation */
180 	DCS_MSG_CB_ERR,	    /* message callback failed, continuing	   */
181 	DCS_BAD_RETRY_VAL,  /* retry value invalid (%d)			   */
182 	DCS_BAD_TIME_VAL,   /* timeout value invalid (%d)		   */
183 	DCS_RETRY,	    /* retrying operation, attempt %d		   */
184 
185 	/*
186 	 * General Errors:
187 	 */
188 	DCS_NO_PRIV,	    /* permission denied			   */
189 	DCS_INT_ERR,	    /* internal error: %s: %s			   */
190 	DCS_UNKNOWN_ERR,    /* unrecognized error reported		   */
191 	DCS_BAD_OPT,	    /* illegal option (-%c), exiting		   */
192 	DCS_BAD_OPT_ARG,    /* illegal argument to -%c flag (%s), %s	   */
193 	DCS_CFGA_UNKNOWN,   /* configuration administration unknown error  */
194 	DCS_CFGA_ERR,	    /* %s: %s					   */
195 	DCS_RSRC_ERR,	    /* resource info init error (%d)		   */
196 	DCS_NO_ERR,	    /* no error					   */
197 	DCS_MSG_COUNT	    /* NULL					   */
198 
199 } dcs_err_code;
200 
201 
202 /*
203  * Public error codes. These error codes are returned to the
204  * client in the event of a fatal error. Since the DCS can
205  * report either a libcfgadm or internal error, there is a
206  * possiblity of conflicting error codes. To avoid this, the
207  * DCS error codes are offset by a constant value. However,
208  * 0 will always indicate that no errors have occurred.
209  */
210 typedef enum {
211 	DCS_OK = 0,
212 	DCS_ERROR = DCS_ERR_OFFSET,
213 	DCS_MSG_INVAL_ERR,
214 	DCS_VER_INVAL_ERR,
215 	DCS_NO_SES_ERR,
216 	DCS_SES_INVAL_ERR,
217 	DCS_SES_SEQ_INVAL_ERR,
218 	DCS_SES_ABORTED_ERR
219 } dcs_err_t;
220 
221 
222 /*
223  * DCS states. These states are the states that the DCS moves
224  * through as it processes a DR request. The order represents
225  * the transitions performed in a successful operation.
226  */
227 typedef enum {
228 	DCS_CONNECTED = 1,
229 	DCS_SES_REQ,
230 	DCS_SES_ESTBL,
231 	DCS_CONF_PENDING,
232 	DCS_CONF_DONE,
233 	DCS_SES_END
234 } dcs_ses_state_t;
235 
236 
237 /*
238  * Message Contents
239  */
240 typedef struct message {
241 	rdr_msg_hdr_t	*hdr;
242 	cfga_params_t	*params;
243 } message_t;
244 
245 
246 /*
247  * Session information
248  */
249 typedef struct session {
250 	unsigned long	id;
251 	unsigned short	major_version;
252 	unsigned short	minor_version;
253 	unsigned long	random_req;
254 	unsigned long	random_resp;
255 
256 	int		fd;
257 	dcs_ses_state_t	state;
258 	message_t	curr_msg;
259 } session_t;
260 
261 
262 /*
263  * Message Direction
264  */
265 typedef enum {
266 	DCS_SEND,
267 	DCS_RECEIVE
268 } dcs_msg_type_t;
269 
270 
271 /*
272  * Globals
273  */
274 extern ulong_t	dcs_debug;
275 extern int	standalone;
276 extern ulong_t	max_sessions;
277 extern int	use_libdscp;
278 
279 
280 /*
281  * From dcs.c:
282  */
283 int dcs_dispatch_message(rdr_msg_hdr_t *hdr, cfga_params_t *params);
284 void init_msg(rdr_msg_hdr_t *hdr);
285 
286 /*
287  * From dcs_ses.c:
288  */
289 int ses_start(int fd);
290 int ses_close(int err_code);
291 int ses_abort(long ses_id);
292 void ses_abort_enable(void);
293 void ses_abort_disable(void);
294 void abort_handler(void);
295 int ses_setlocale(char *locale);
296 void ses_init_signals(sigset_t *mask);
297 void ses_sleep(int sec);
298 int ses_poll(struct pollfd fds[], nfds_t nfds, int timeout);
299 session_t *curr_ses(void);
300 long curr_ses_id(void);
301 
302 /*
303  * From dcs_msg.c:
304  */
305 void dcs_log_msg(int priority, int code, ...);
306 char *dcs_cfga_str(char **err_str, int err_code);
307 void dcs_dbg(int level, char *fmt, ...);
308 void print_msg_hdr(dcs_msg_type_t type, rdr_msg_hdr_t *hdr);
309 const char *dcs_strerror(int err_code);
310 
311 
312 /*
313  * If the dcs_debug global variable is not set, no
314  * debugging messages will be logged.
315  */
316 #define	DCS_DBG		if (dcs_debug) dcs_dbg
317 #define	PRINT_MSG_DBG	if (dcs_debug) print_msg_hdr
318 
319 
320 #ifdef	__cplusplus
321 }
322 #endif
323 
324 #endif /* _DCS_H */
325