An XML based management protocol for strongSwan (SMP) » History » Version 6

Martin Willi, 02.04.2008 09:49

= An XML based management protocol for strongSwan (SMP) =

We are developing a flexible XML-based configuration interface. It uses the '''SMP''' protocol developed by Andreas Eigenmann and Joël Stillhart as part of their diploma thesis.

== Overview ==
The currently implemented communication interface to [wiki:charon] is called stroke. It is a simple protocol with its own binary format. Only the input format is specified; output is redirected to the console.

While this protocol is usable for console applications (ipsec/starter), we need a better protocol to get feedback on an operation, query the status of the daemon, ...

== Requirements ==
  * Querying
    * IKE_SA list
    * Daemon status
    * ...
  * Control
    * initiate connection
    * terminate connection
    * ...
  * Get notifications
    * client connected
    * client connect attempt failed
    * ...

== Protocol ==
To get a universally usable and easy to implement protocol, SMP is based on XML. We use [http://www.relaxng.org Relax-NG] schemas for validation, as they are more powerful than DTDs but simpler than XML Schema.

=== Connectivity ===
SMP requires a reliable transport. We implement the protocol over a Unix socket for the first try; TCP connections are targeted for a later release (see Security).

=== Security ===
We do not implement any security (encryption/authentication) in the first iteration. Since we operate on a Unix socket, we enforce access control with file permissions. Further development iterations will add support for remote administration (over TCP), and then we need authentication, encryption and integrity checks.

The XML-Security-like approach proposed in the diploma thesis lacks replay attack detection. Further, using the asymmetric approach for each message may be too expensive.

If we implement a more complex notification mechanism, we need to register at connection setup anyway. We could agree on encryption and compression algorithms and exchange a key in this registration process.

=== Message format ===
The root element of an exchanged message is the ''<message>'' element. A message has a ''type'' attribute of either ''request'', ''response'' or ''notification''. To protect messages against replay attacks, each message has an ''id'' attribute, which is unique and incremental for each request/response pair. Notifications use their own counter for message ids, as they appear asynchronously.

Messages of ''type'' ''request'' and ''response'' contain one or more of the elements ''query'' and ''control''.
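As an added example (not part of this page or of strongSwan's own code), a small Python model of the message format described above: build_message serialises a ''<message>'' with its ''type'' and ''id'' attributes, and ReplayGuard applies the id rule on the receiving side, one increasing counter shared by each request/response pair and a separate one for notifications. The operation elements placed inside ''<query>''/''<control>'' (ikesalist, initiate) are assumed names, since the page does not define them.

```python
import xml.etree.ElementTree as ET

MESSAGE_TYPES = ("request", "response", "notification")


def build_message(msg_type, msg_id, body_tag=None, child_tag=None):
    """Serialise one SMP message. body_tag is 'query' or 'control'; child_tag is a
    hypothetical operation element, since the page does not fix those names."""
    root = ET.Element("message", type=msg_type, id=str(msg_id))
    if body_tag:
        ET.SubElement(ET.SubElement(root, body_tag), child_tag)
    return ET.tostring(root, encoding="unicode")


class ReplayGuard:
    """Receiver-side id check: each request/response pair shares one unique,
    increasing id, while notifications run on their own counter."""

    def __init__(self):
        self.last_request_id = 0  # highest request id accepted so far
        self.last_notify_id = 0   # separate counter for asynchronous notifications
        self.pending = set()      # request ids still waiting for their response

    def accept(self, xml_text):
        """Return (True, (type, id)) for an acceptable message, else (False, reason)."""
        root = ET.fromstring(xml_text)
        if root.tag != "message":
            return False, "root element must be <message>"
        mtype, mid = root.get("type"), int(root.get("id", "0"))
        if mtype not in MESSAGE_TYPES:
            return False, f"unknown message type {mtype!r}"
        if mtype == "notification":
            if mid <= self.last_notify_id:
                return False, f"replayed notification id {mid}"
            self.last_notify_id = mid
            return True, (mtype, mid)
        # request and response messages carry one or more <query>/<control> elements
        if not any(child.tag in ("query", "control") for child in root):
            return False, "request/response needs a <query> or <control> element"
        if mtype == "request":
            if mid <= self.last_request_id:
                return False, f"replayed or out-of-order request id {mid}"
            self.last_request_id = mid
            self.pending.add(mid)
        elif mid in self.pending:  # a response echoes its request id, exactly once
            self.pending.remove(mid)
        else:
            return False, f"response id {mid} does not match an open request"
        return True, (mtype, mid)
```

Validation against the Relax-NG schema is not modelled here; the guard only checks the root element, the ''type'' value, the ''id'' ordering and the presence of a ''query''/''control'' child.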

=== Schema ===
The complete schema is available at [source:trunk/src/charon/plugins/smp/schema.xml] (draft).

=== Query Operations ===
  * [wiki:SMPQueryIKESA Query a list of IKE_SAs]
  * ...
The status of all IKE_SAs can be queried by sending a message of type ''request'' including a query