strongSwan

h1. An XML based management protocol for strongSwan (SMP)

We are developing a flexible XML-based configuration interface. It uses the *SMP* protocol developed by Andreas Eigenmann and Joël Stillhart as part of their diploma thesis. 

h2. Overview

The currently implemented communication interface to [[charon]] is called stroke. It's a simple protocol with it's own binary format. Only the input format is specified, output is redirected to the console.

While this protocol is usable for console applications (ipsec/starter), we need a better protocol to get feedback for an operation, query the status of the daemon, ...

h2. Requirements

* Querying

** IKE_SA list

** Daemon status

** ...

* Control

** initiate connection

** terminate connection

** ...

* Get notifications

** client connected

** client connect attempt failed

** ...

h2. Protocol

To get an universal usable and easy to implement protocol, SMP is based on a XML. We use "Relax-NG":http://www.relaxng.org schemas for validation, as they are more powerful than DTD, but simpler than XML schema.

h3. Connectivity

SMP uses a reliable protocol. We implement the protocol over a Unix socket for the first try, TCP connections are targeted for a later release (see security).

h3. Security

We do not implement any security (encryption/authentication) in the first iteration. We will operate on a Unix socket, we enforce security with file permissions. Further development iterations will support for remote administration (over TCP), and then we need authentication, encryption and integrity checks.

The proposed XML-Security like approach proposed in the diploma thesis suffers from replay attack detection. Futher, using the asymmetric approach for each message may be to expensive.

If we implement a more complex notification mechanism, we need to register anyway at connection setup. We could agree on encryption and compression algorithm and exchange a key in this registration process.

h3. Message format

The root element of an exchanged element is the _<message>_ element. A message has a _type_ attribute of either _request_, _response_ or _notification_. To protect messages against replay attacks, each message as an _id_ attribute, which in unique and incremental for each request/response pair. Notifications use their own counter for for message ids, as they appear asynchronously.

Messages of _type_ _request_ and _response_ contain one or more of the elements _query_ and _control_.

h3. Schema

The complete schema is available at source:src/charon/plugins/smp/schema.xml (draft).

h3. Query Operations

** [[SMPQueryIKESA|Query a list of IKE_SAs]]

** ...

The status of all IKE_SAs can be queried by sending a message of type _request_ including a query