programs/charon/charon/sa/states/state.h

   1 /**
   2  * @file state.h
   3  *
   4  * @brief Interface state_t.
   5  *
   6  */
   7
   8 /*
   9  * Copyright (C) 2005 Jan Hutter, Martin Willi
  10  * Hochschule fuer Technik Rapperswil
  11  *
  12  * This program is free software; you can redistribute it and/or modify it
  13  * under the terms of the GNU General Public License as published by the
  14  * Free Software Foundation; either version 2 of the License, or (at your
  15  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
  16  *
  17  * This program is distributed in the hope that it will be useful, but
  18  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  19  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  20  * for more details.
  21  */
  22
  23 #ifndef STATE_H_
  24 #define STATE_H_
  25
  26 #include <definitions.h>
  27 #include <types.h>
  28 #include <encoding/message.h>
  29
  30 typedef enum ike_sa_state_t ike_sa_state_t;
  31
  32 /**
  33  * States in which a IKE_SA can be.
  34  *
  35  * @todo Support of more states (CHILD_SA_REQUESTED, etc...)
  36  *
  37  * @ingroup states
  38  */
  39 enum ike_sa_state_t {
  40
  41         /**
  42          * @brief IKE_SA is in initial state as initiator and is going to initiate a new connection.
  43          *
  44          * Next state following this state is IKE_SA_INIT_REQUESTED.
  45          *
  46          * Implemented in class initiator_init_t.
  47          */
  48         INITIATOR_INIT = 1,
  49
  50         /**
  51          * @brief IKE_SA is in initial state as responder and is going to respond to a initiated connection.
  52          *
  53          * Next state following this state is IKE_SA_INIT_RESPONDED.
  54          *
  55          * Implemented in class responder_init_t.
  56          */
  57         RESPONDER_INIT = 2,
  58
  59         /**
  60          * @brief A IKE_SA_INIT request was sent. In this state a reply of type IKE_SA_INIT is expected.
  61          *
  62          * Two states are possible as next states:
  63          *  - IKE_AUTH_REQUESTED if IKE_SA_INIT reply could successfully processed and IKE_AUTH request could be sent.
  64          *  - INITIATOR_INIT if selected DH group was not the one selected by other peer.
  65          *
  66          * Implemented in class ike_sa_init_requested_t.
  67          */
  68         IKE_SA_INIT_REQUESTED = 3,
  69
  70         /**
  71          * @brief A IKE_SA_INIT response was sent. In this state a request of type IKE_AUTH is expected.
  72          *
  73          * Next state following this state is IKE_SA_ESTABLISHED.
  74          *
  75          * Implemented in class ike_sa_init_responded_t.
  76          */
  77         IKE_SA_INIT_RESPONDED = 4,
  78
  79         /**
  80          * @brief An IKE_AUTH request was sent after a successful IKE_SA_INIT-exchange.
  81          *
  82          * Next state following this state is IKE_SA_ESTABLISHED.
  83          *
  84          * Implemented in class ike_auth_requested_t.
  85          */
  86         IKE_AUTH_REQUESTED = 5,
  87
  88         /**
  89          * @brief An IKE_AUTH exchange was successfuly handled either as initiator or responder.
  90          *
  91          * In this state, all the informations for an IKE_SA and one CHILD_SA are known.
  92          *
  93          * Implemented in class ike_sa_established_t.
  94          */
  95         IKE_SA_ESTABLISHED = 6
  96 };
  97
  98
  99 /**
 100  * String mappings for ike_sa_state_t.
 101  */
 102 extern mapping_t ike_sa_state_m[];
 103
 104
 105 typedef struct state_t state_t;
 106
 107 /**
 108  * @brief This interface represents an IKE_SA state.
 109  *
 110  * A state_t object is responsible to handle incoming messages.
 111  *
 112  * It's the responsibility of the state_t object to parse the body of the message and to process each
 113  * payload.
 114  *
 115  * Needed Configurations and transform objects can be retrieved over an internal stored protected_ike_sa_t object
 116  * which is passed to a state_t object when creating it (see different constructors).
 117  *
 118  * The following states are supported and implemented:
 119  * - INITIATOR_INIT: implemented in initiator_init_t
 120  * - RESPONDER_INIT: implemented in responder_init_t
 121  * - IKE_SA_INIT_REQUESTED: implemented in ike_sa_init_requested_t
 122  * - IKE_SA_INIT_RESPONDED: implemented in ike_sa_init_responded_t
 123  * - IKE_AUTH_REQUESTED: implemented in ike_auth_requested_t
 124  * - IKE_SA_ESTABLISHED: implemented in ike_sa_established_t
 125  *
 126  * @b Constructors:
 127  *  - initiator_init_create()
 128  *  - responder_init_create()
 129  *  - ike_sa_init_requested_create()
 130  *  - ike_sa_init_responded_create()
 131  *  - ike_auth_requested_create()
 132  *  - ike_sa_established_create()
 133  *
 134  * @ingroup states
 135  */
 136 struct state_t {
 137
 138         /**
 139          * @brief Processes a incoming IKEv2-Message of type message_t.
 140          *
 141          * @param this                  calling object
 142          * @param[in]                   message message_t object to process
 143          * @return
 144          *                                              - SUCCESSFUL
 145          *                                              - FAILED
 146          *                                              - DELETE_ME if belonging IKE_SA should be deleted
 147          */
 148         status_t (*process_message) (state_t *this,message_t *message);
 149
 150         /**
 151          * @brief Get the current state representing by this state_t object.
 152          *
 153          * @param this  calling object
 154          * @return              state
 155          */
 156         ike_sa_state_t (*get_state) (state_t *this);
 157
 158         /**
 159          * @brief Destroys a state_t object.
 160          *
 161          * @param this  calling object
 162          */
 163         void (*destroy) (state_t *this);
 164 };
 165
 166 #endif /*STATE_H_*/