Class: Vici::Connection

Inherits:
Object
  • Object
show all
Defined in:
lib/vici.rb

Overview

The Connection class provides the high-level interface to monitor, configure and control the IKE daemon. It takes a connected stream-oriented Socket for the communication with the IKE daemon.

This class takes and returns ruby objects for the exchanged message data.

  • Sections get encoded as Hash, containing other sections as Hash, or

  • Key/Values, where the values are Strings as Hash values

  • Lists get encoded as Arrays with String values

Non-String values that are not a Hash nor an Array get converted with .to_s during encoding.

Instance Method Summary collapse

Constructor Details

#initialize(socket = nil) ⇒ Connection

Returns a new instance of Connection.



397
398
399
400
401
402
 
# File 'lib/vici.rb', line 397

def initialize(socket = nil)
  if socket == nil
    socket = UNIXSocket.new("/var/run/charon.vici")
  end
  @transp = Transport.new(socket)
end

Instance Method Details

#call_with_event(command, request, event, &block) ⇒ Object

Issue a command request, but register for a specific event while the command is active. VICI uses this mechanism to stream potentially large data objects continuously. The provided closure is invoked for all event messages.



575
576
577
578
579
580
581
582
583
584
585
586
587
588
 
# File 'lib/vici.rb', line 575

def call_with_event(command, request, event, &block)
  self.class.instance_eval do
    define_method(:call_event) do |label, message|
      block.call(message.root)
    end
  end
  @transp.register(event, method(:call_event))
  begin
    reply = @transp.request(command, request)
  ensure
    @transp.unregister(event, method(:call_event))
  end
  reply
end

#check_success(reply) ⇒ Object

Check if the reply of a command indicates “success”, otherwise raise a CommandExecError exception



593
594
595
596
597
598
599
 
# File 'lib/vici.rb', line 593

def check_success(reply)
  root = reply.root
  if root["success"] != "yes"
    raise CommandExecError, root["errmsg"]
  end
  root
end

#clear_credsObject

Clear all loaded credentials.



453
454
455
 
# File 'lib/vici.rb', line 453

def clear_creds()
  check_success(@transp.request("clear-creds"))
end

#get_connsObject

Get the names of connections managed by vici.



447
448
449
 
# File 'lib/vici.rb', line 447

def get_conns()
  @transp.request("get-conns").root
end

#get_poolsObject

Get the currently loaded pools.



489
490
491
 
# File 'lib/vici.rb', line 489

def get_pools()
  @transp.request("get-pools").root
end

#initiate(options, &block) ⇒ Object

Initiate a connection. The provided closure is invoked for each log line.



495
496
497
498
 
# File 'lib/vici.rb', line 495

def initiate(options, &block)
  check_success(call_with_event("initiate", Message.new(options),
                "control-log", &block))
end

#install(policy) ⇒ Object

Install a shunt/route policy.



515
516
517
 
# File 'lib/vici.rb', line 515

def install(policy)
  check_success(@transp.request("install", Message.new(policy)))
end

#list_certs(match = nil, &block) ⇒ Object

List matching loaded certificates. The provided closure is invoked for each matching certificate definition.



429
430
431
 
# File 'lib/vici.rb', line 429

def list_certs(match = nil, &block)
  call_with_event("list-certs", Message.new(match), "list-cert", &block)
end

#list_conns(match = nil, &block) ⇒ Object

List matching loaded connections. The provided closure is invoked for each matching connection.



407
408
409
 
# File 'lib/vici.rb', line 407

def list_conns(match = nil, &block)
  call_with_event("list-conns", Message.new(match), "list-conn", &block)
end

#list_policies(match, &block) ⇒ Object

List matching installed policies. The provided closure is invoked for each matching policy.



421
422
423
424
 
# File 'lib/vici.rb', line 421

def list_policies(match, &block)
  call_with_event("list-policies", Message.new(match), "list-policy",
                  &block)
end

#list_sas(match = nil, &block) ⇒ Object

List matching active SAs. The provided closure is invoked for each matching SA.



414
415
416
 
# File 'lib/vici.rb', line 414

def list_sas(match = nil, &block)
  call_with_event("list-sas", Message.new(match), "list-sa", &block)
end

#listen_events(events, &block) ⇒ Object

Listen for a set of event messages. This call is blocking, and invokes the passed closure for each event received. The closure receives the event name and the event message as argument. To stop listening, the closure may raise a StopEventListening exception, the only catched exception.



549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
 
# File 'lib/vici.rb', line 549

def listen_events(events, &block)
  self.class.instance_eval do
    define_method(:listen_event) do |label, message|
      block.call(label, message.root)
    end
  end
  events.each do |event|
    @transp.register(event, method(:listen_event))
  end
  begin
    loop do
      @transp.read_and_dispatch_event
    end
  rescue StopEventListening
  ensure
    events.each do |event|
      @transp.unregister(event, method(:listen_event))
    end
  end
end

#load_cert(cert) ⇒ Object

Load a certificate into the daemon.



459
460
461
 
# File 'lib/vici.rb', line 459

def load_cert(cert)
  check_success(@transp.request("load-cert", Message.new(cert)))
end

#load_conn(conn) ⇒ Object

Load a connection into the daemon.



435
436
437
 
# File 'lib/vici.rb', line 435

def load_conn(conn)
  check_success(@transp.request("load-conn", Message.new(conn)))
end

#load_key(key) ⇒ Object

Load a private key into the daemon.



465
466
467
 
# File 'lib/vici.rb', line 465

def load_key(key)
  check_success(@transp.request("load-key", Message.new(key)))
end

#load_pool(pool) ⇒ Object

Load a virtual IP / attribute pool



477
478
479
 
# File 'lib/vici.rb', line 477

def load_pool(pool)
  check_success(@transp.request("load-pool", Message.new(pool)))
end

#load_shared(shared) ⇒ Object

Load a shared key into the daemon.



471
472
473
 
# File 'lib/vici.rb', line 471

def load_shared(shared)
  check_success(@transp.request("load-shared", Message.new(shared)))
end

#redirect(options) ⇒ Object

Redirect an IKE_SA.



509
510
511
 
# File 'lib/vici.rb', line 509

def redirect(options)
  check_success(@transp.request("redirect", Message.new(options)))
end

#reload_settingsObject

Reload strongswan.conf settings.



527
528
529
 
# File 'lib/vici.rb', line 527

def reload_settings
  check_success(@transp.request("reload-settings", nil))
end

#statsObject

Get daemon statistics and information.



533
534
535
 
# File 'lib/vici.rb', line 533

def stats
  @transp.request("stats", nil).root
end

#terminate(options, &block) ⇒ Object

Terminate a connection. The provided closure is invoked for each log line.



502
503
504
505
 
# File 'lib/vici.rb', line 502

def terminate(options, &block)
  check_success(call_with_event("terminate", Message.new(options),
                "control-log", &block))
end

#uninstall(policy) ⇒ Object

Uninstall a shunt/route policy.



521
522
523
 
# File 'lib/vici.rb', line 521

def uninstall(policy)
  check_success(@transp.request("uninstall", Message.new(policy)))
end

#unload_conn(conn) ⇒ Object

Unload a connection from the daemon.



441
442
443
 
# File 'lib/vici.rb', line 441

def unload_conn(conn)
  check_success(@transp.request("unload-conn", Message.new(conn)))
end

#unload_pool(pool) ⇒ Object

Unload a virtual IP / attribute pool



483
484
485
 
# File 'lib/vici.rb', line 483

def unload_pool(pool)
  check_success(@transp.request("unload-pool", Message.new(pool)))
end

#versionObject

Get daemon version information



539
540
541
 
# File 'lib/vici.rb', line 539

def version
  @transp.request("version", nil).root
end