[thirdparty/strongswan.git] / Source / charon / sa / ike_sa_manager.h

/**
 * @file ike_sa_manager.h
 * 
 * @brief Interface of ike_sa_manager_t.
 * 
 */

/*
 * Copyright (C) 2005 Jan Hutter, Martin Willi
 * Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

#ifndef _IKE_SA_MANAGER_H_
#define _IKE_SA_MANAGER_H_

#include <types.h>
#include <sa/ike_sa.h>


typedef struct ike_sa_manager_t ike_sa_manager_t;

/**
 * @brief The IKE_SA-Manager is responsible for managing all initiated and responded IKE_SA's.
 *
 * To avoid access from multiple threads, IKE_SAs must be checked out from
 * the manager, and checked in after usage. 
 * The manager also handles deletion of SAs.
 *
 * @todo checking of double-checkouts from the same threads would be nice.
 * This could be done by comparing thread-ids via pthread_self()...
 * 
 * @todo Managing of ike_sa_t objects in a hash table instead of linked list.
 * 
 * @b Constructors:
 * - ike_sa_manager_create()
 * 
 * @ingroup sa
 */
struct ike_sa_manager_t {
	/**
	 * @brief Checkout an IKE_SA, create it when necesarry.
	 * 
	 * Checks out a SA by its ID. An SA will be created, when:
	 * - Responder SPI is not set (when received an IKE_SA_INIT from initiator)
	 * Management of SPIs is the managers job, he will set it.
	 * This function blocks until SA is available for checkout.
	 * 
	 * @warning checking out two times without checking in will
	 * result in a deadlock!
	 * 
	 * @param ike_sa_manager 	the manager object
	 * @param ike_sa_id[in/out]	the SA identifier, will be updated
	 * @param ike_sa[out] 		checked out SA
	 * @returns 					
	 * 							- SUCCESS if checkout successful
	 * 							- NOT_FOUND when no such SA is available
	 * 							- CREATED if a new IKE_SA got created
	 */
	status_t (*checkout) (ike_sa_manager_t* ike_sa_manager, ike_sa_id_t *sa_id, ike_sa_t **ike_sa);
	
	/**
	 * @brief Create and checkout an IKE_SA as original initator.
	 * 
	 * Creates and checks out a SA as initiator.
	 * Management of SPIs is the managers job, he will set it.
	 * 
	 * @param ike_sa_manager 	the manager object
	 * @param ike_sa[out] 		checked out SA
	 */
	void (*create_and_checkout) (ike_sa_manager_t* ike_sa_manager,ike_sa_t **ike_sa);
 
	/**
	 * @brief Checkin the SA after usage.
	 * 
	 * @warning the SA pointer MUST NOT be used after checkin! 
	 * The SA must be checked out again!
	 *  
	 * @param ike_sa_manager 	the manager object
	 * @param ike_sa_id[in/out]	the SA identifier, will be updated
	 * @param ike_sa[out]		checked out SA
	 * @returns 				
	 * 							- SUCCESS if checked in
	 * 							- NOT_FOUND when not found (shouldn't happen!)
	 */
	status_t (*checkin) (ike_sa_manager_t* ike_sa_manager, ike_sa_t *ike_sa);
	/**
	 * @brief Delete a SA, which was not checked out.
	 * 
	 * @warning do not use this when the SA is already checked out, this will
	 * deadlock!
	 *  
	 * @param ike_sa_manager 	the manager object
	 * @param ike_sa_id[in/out]	the SA identifier
	 * @returns 				
	 * 							- SUCCESS if found
	 * 							- NOT_FOUND when no such SA is available
	 */
	status_t (*delete) (ike_sa_manager_t* ike_sa_manager, ike_sa_id_t *ike_sa_id);
	
	/**
	 * @brief Delete a checked out SA.
	 *
	 * @param ike_sa_manager 	the manager object
	 * @param ike_sa			SA to delete
	 * @returns 				
	 * 							- SUCCESS if found
	 * 							- NOT_FOUND when no such SA is available
	 */
	status_t (*checkin_and_delete) (ike_sa_manager_t* ike_sa_manager, ike_sa_t *ike_sa);
	
	/**
	 * @brief Destroys the manager with all associated SAs.
	 * 
	 * Threads will be driven out, so all SAs can be deleted cleanly.
	 * 
	 * @param ike_sa_manager the manager object
	 */
	void (*destroy) (ike_sa_manager_t *ike_sa_manager);
};

/**
 * @brief Create a manager.
 * 
 * @returns 	ike_sa_manager_t object
 * 
 * @ingroup sa
 */
ike_sa_manager_t *ike_sa_manager_create();

#endif /*_IKE_SA_MANAGER_H_*/
Commit	Line	Data
472217f1 MW	1	/**
	2	* @file ike_sa_manager.h
	3	*
207dd9b5	4	* @brief Interface of ike_sa_manager_t.
472217f1 MW	5	*
	6	*/
	7
	8	/*
	9	* Copyright (C) 2005 Jan Hutter, Martin Willi
	10	* Hochschule fuer Technik Rapperswil
	11	*
	12	* This program is free software; you can redistribute it and/or modify it
	13	* under the terms of the GNU General Public License as published by the
	14	* Free Software Foundation; either version 2 of the License, or (at your
	15	* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
	16	*
	17	* This program is distributed in the hope that it will be useful, but
	18	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
	19	* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	20	* for more details.
	21	*/
	22
39b2903f JH	23	#ifndef _IKE_SA_MANAGER_H_
39b2903f JH	24	#define _IKE_SA_MANAGER_H_
472217f1	25
021c2322	26	#include <types.h>
96f79ff1	27	#include <sa/ike_sa.h>
472217f1 MW	28
472217f1 MW	29
5796aa16 MW	30	typedef struct ike_sa_manager_t ike_sa_manager_t;
5796aa16 MW	31
472217f1	32	/**
39b2903f	33	* @brief The IKE_SA-Manager is responsible for managing all initiated and responded IKE_SA's.
5796aa16	34	*
472217f1	35	* To avoid access from multiple threads, IKE_SAs must be checked out from
207dd9b5	36	* the manager, and checked in after usage.
472217f1	37	* The manager also handles deletion of SAs.
5796aa16	38	*
d4425c1b	39	* @todo checking of double-checkouts from the same threads would be nice.
79b8aa19 MW	40	* This could be done by comparing thread-ids via pthread_self()...
79b8aa19 MW	41	*
39b2903f JH	42	* @todo Managing of ike_sa_t objects in a hash table instead of linked list.
39b2903f JH	43	*
79b8aa19 MW	44	* @b Constructors:
79b8aa19 MW	45	* - ike_sa_manager_create()
df3c59d0 MW	46	*
df3c59d0 MW	47	* @ingroup sa
472217f1	48	*/
5796aa16	49	struct ike_sa_manager_t {
d4425c1b	50	/**
39b2903f	51	* @brief Checkout an IKE_SA, create it when necesarry.
d4425c1b MW	52	*
	53	* Checks out a SA by its ID. An SA will be created, when:
	54	* - Responder SPI is not set (when received an IKE_SA_INIT from initiator)
d4425c1b MW	55	* Management of SPIs is the managers job, he will set it.
	56	* This function blocks until SA is available for checkout.
	57	*
	58	* @warning checking out two times without checking in will
	59	* result in a deadlock!
	60	*
	61	* @param ike_sa_manager the manager object
	62	* @param ike_sa_id[in/out] the SA identifier, will be updated
	63	* @param ike_sa[out] checked out SA
f0ddd8ae JH	64	* @returns
	65	* - SUCCESS if checkout successful
	66	* - NOT_FOUND when no such SA is available
e314700c	67	* - CREATED if a new IKE_SA got created
d4425c1b MW	68	*/
d4425c1b MW	69	status_t (checkout) (ike_sa_manager_t ike_sa_manager, ike_sa_id_t sa_id, ike_sa_t *ike_sa);
207dd9b5 JH	70
	71	/**
	72	* @brief Create and checkout an IKE_SA as original initator.
	73	*
39b2903f	74	* Creates and checks out a SA as initiator.
207dd9b5 JH	75	* Management of SPIs is the managers job, he will set it.
207dd9b5 JH	76	*
207dd9b5 JH	77	* @param ike_sa_manager the manager object
207dd9b5 JH	78	* @param ike_sa[out] checked out SA
207dd9b5	79	*/
d048df5c MW	80	void (create_and_checkout) (ike_sa_manager_t ike_sa_manager,ike_sa_t **ike_sa);
d048df5c MW	81
d4425c1b	82	/**
39b2903f	83	* @brief Checkin the SA after usage.
d4425c1b	84	*
207dd9b5 JH	85	* @warning the SA pointer MUST NOT be used after checkin!
207dd9b5 JH	86	* The SA must be checked out again!
d4425c1b MW	87	*
	88	* @param ike_sa_manager the manager object
	89	* @param ike_sa_id[in/out] the SA identifier, will be updated
	90	* @param ike_sa[out] checked out SA
d048df5c MW	91	* @returns
	92	* - SUCCESS if checked in
	93	* - NOT_FOUND when not found (shouldn't happen!)
d4425c1b MW	94	*/
	95	status_t (checkin) (ike_sa_manager_t ike_sa_manager, ike_sa_t *ike_sa);
	96	/**
39b2903f	97	* @brief Delete a SA, which was not checked out.
d4425c1b MW	98	*
	99	* @warning do not use this when the SA is already checked out, this will
	100	* deadlock!
	101	*
	102	* @param ike_sa_manager the manager object
	103	* @param ike_sa_id[in/out] the SA identifier
d048df5c MW	104	* @returns
	105	* - SUCCESS if found
	106	* - NOT_FOUND when no such SA is available
d4425c1b MW	107	*/
d4425c1b MW	108	status_t (delete) (ike_sa_manager_t ike_sa_manager, ike_sa_id_t *ike_sa_id);
d048df5c	109
d4425c1b	110	/**
39b2903f	111	* @brief Delete a checked out SA.
d048df5c	112	*
d4425c1b MW	113	* @param ike_sa_manager the manager object
d4425c1b MW	114	* @param ike_sa SA to delete
d048df5c MW	115	* @returns
	116	* - SUCCESS if found
	117	* - NOT_FOUND when no such SA is available
d4425c1b MW	118	*/
d4425c1b MW	119	status_t (checkin_and_delete) (ike_sa_manager_t ike_sa_manager, ike_sa_t *ike_sa);
472217f1 MW	120
472217f1 MW	121	/**
39b2903f	122	* @brief Destroys the manager with all associated SAs.
472217f1	123	*
39b2903f	124	* Threads will be driven out, so all SAs can be deleted cleanly.
472217f1	125	*
d4425c1b	126	* @param ike_sa_manager the manager object
472217f1	127	*/
d048df5c	128	void (destroy) (ike_sa_manager_t ike_sa_manager);
472217f1 MW	129	};
	130
	131	/**
39b2903f	132	* @brief Create a manager.
d4425c1b	133	*
39b2903f	134	* @returns ike_sa_manager_t object
df3c59d0 MW	135	*
df3c59d0 MW	136	* @ingroup sa
472217f1 MW	137	*/
	138	ike_sa_manager_t *ike_sa_manager_create();
	139
39b2903f	140	#endif /_IKE_SA_MANAGER_H_/