summaryrefslogtreecommitdiffstats
path: root/src/plugins/wireguard/wireguard.api
blob: 508c0cf79818a6f230f54d8459706b42b662beb7 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
/* Hey Emacs use -*- mode: C -*- */
/*
 * Copyright (c) 2020 Doc.ai and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

option version = "0.3.0";

import "vnet/interface_types.api";
import "vnet/ip/ip_types.api";

/** \brief Create wireguard interface
    @param client_index - opaque cookie to identify the sender
    @param context - sender context, to match reply w/ request
    @param private_key - private key in binary format of this device
    @param public_key - public key in binary format of this device
    @param port - port of this device
    @param src_ip - packet sent through this interface us this
                    address as the IP source.
*/
typedef wireguard_interface
{
  u32 user_instance [default=0xffffffff];
  vl_api_interface_index_t sw_if_index;
  u8 private_key[32];
  u8 public_key[32];
  u16 port;
  vl_api_address_t src_ip;
};

/** \brief Create an Wireguard interface
 */
define wireguard_interface_create {
  u32 client_index;
  u32 context;
  vl_api_wireguard_interface_t interface;
  bool generate_key;
};

/** \brief Add Wireguard interface interface response
    @param context - sender context, to match reply w/ request
    @param retval - return status
    @param sw_if_index - sw_if_index of new interface (for successful add)
*/
define wireguard_interface_create_reply
{
  u32 context;
  i32 retval;
  vl_api_interface_index_t sw_if_index;
};

autoreply define wireguard_interface_delete
{
  u32 client_index;
  u32 context;
  vl_api_interface_index_t sw_if_index;
};

define wireguard_interface_dump
{
  u32 client_index;
  u32 context;
  bool show_private_key;
  vl_api_interface_index_t sw_if_index;
};

define wireguard_interface_details
{
  u32 context;
  vl_api_wireguard_interface_t interface;
};

enum wireguard_peer_flags : u8
{
  WIREGUARD_PEER_STATUS_DEAD = 0x1,
  WIREGUARD_PEER_ESTABLISHED = 0x2,
};

/** \brief Peer structure
    @param peer_index - peer pool index
    @param public_key - public key (in binary format) of destination peer
    @param port - destination port
    @param persistent_keepalive - keepalive packet timeout
    @param table_id - The IP table in which 'endpoint' is reachable
    @param endpoint - destination ip
    @param sw_if_index - tunnel SW interface
    @param flags - peer status flags
    @param n_allowed_ips - number of prefixes in allowed_ips
    @param allowed_ips - allowed incoming tunnel prefixes
*/
typedef wireguard_peer
{
  u32 peer_index;
  u8 public_key[32];
  u16 port;
  u16 persistent_keepalive;
  u32 table_id;
  vl_api_address_t endpoint;
  vl_api_interface_index_t sw_if_index;
  vl_api_wireguard_peer_flags_t flags;
  u8 n_allowed_ips;
  vl_api_prefix_t allowed_ips[n_allowed_ips];
};

service {
  rpc want_wireguard_peer_events returns want_wireguard_peer_events_reply
    events wireguard_peer_event;
};
/** \brief Register for wireguard peer events
    @param client_index - opaque cookie to identify the sender
    @param context - sender context, to match reply w/ request
    @param sw_if_index - index of the interface to dump peer info on, ~0 if on all
    @param peer_index - index of the peer to dump info on, ~0 if on all
    @param enable_disable - 1 => register for events, 0 => cancel registration
    @param pid - sender's pid
*/
autoreply define want_wireguard_peer_events
{
  u32 client_index;
  u32 context;
  vl_api_interface_index_t sw_if_index [default=0xFFFFFFFF];
  u32 peer_index [default=0xFFFFFFFF];
  u32 enable_disable;
  u32 pid;
};
/** \brief Interface Event generated by want_wireguard_peer_events
    @param client_index - opaque cookie to identify the sender
    @param pid - client pid registered to receive notification
    @param peer_index - index of the peer for this event
    @param deleted - interface was deleted
*/
define wireguard_peer_event
{
  u32 client_index;
  u32 pid;
  u32 peer_index;
  vl_api_wireguard_peer_flags_t flags;
};

/** \brief Create new peer
    @param client_index - opaque cookie to identify the sender
    @param context - sender context, to match reply w/ request
    @param peer - peer to create
*/
define wireguard_peer_add
{
  u32 client_index;
  u32 context;
  vl_api_wireguard_peer_t peer;
};

/** \brief Create new peer
    @param context - sender context, to match reply w/ request
    @param retval - return status
    @param peer_index - Created or existing peer pool index
*/
define wireguard_peer_add_reply
{
  u32 context;
  i32 retval;
  u32 peer_index;
};

/** \brief Remove peer
    @param client_index - opaque cookie to identify the sender
    @param context - sender context, to match reply w/ request
    @param peer_index - peer to be removed
*/
autoreply define wireguard_peer_remove
{
  u32 client_index;
  u32 context;
  u32 peer_index;
};

/** \brief Dump all peers
    @param client_index - opaque cookie to identify the sender
    @param context - sender context, to match reply w/ request
    @param peer_index - peer index to be dumped.  If 0xFFFFFFFF dumps all peers
*/
define wireguard_peers_dump {
  u32 client_index;
  u32 context;
  u32 peer_index [default=0xFFFFFFFF];
};

/** \brief Dump peer details
    @param context - sender context, to match reply w/ request
    @param peer - peer details
*/
define wireguard_peers_details {
  u32 context;
  vl_api_wireguard_peer_t peer;
};

/** \brief Wireguard Set Async mode
    @param client_index - opaque cookie to identify the sender
    @param context - sender context, to match reply w/ request
    @param async_enable - wireguard async mode on or off, default off
*/
autoreply define wg_set_async_mode {
  u32 client_index;
  u32 context;
  bool async_enable [default=false];
};

/*
 * Local Variables:
 * eval: (c-set-style "gnu")
 * End:
 */