moved AUTH_LIFETIME handling in its own task (cleaner separation, proper payload...
[strongswan.git] / src / charon / sa / tasks / task.h
1 /**
2 * @file task.h
3 *
4 * @brief Interface task_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2007 Tobias Brunner
10 * Copyright (C) 2006 Martin Willi
11 * Hochschule fuer Technik Rapperswil
12 *
13 * This program is free software; you can redistribute it and/or modify it
14 * under the terms of the GNU General Public License as published by the
15 * Free Software Foundation; either version 2 of the License, or (at your
16 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
17 *
18 * This program is distributed in the hope that it will be useful, but
19 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
20 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
21 * for more details.
22 */
23
24 #ifndef TASK_H_
25 #define TASK_H_
26
27 typedef enum task_type_t task_type_t;
28 typedef struct task_t task_t;
29
30 #include <library.h>
31 #include <sa/ike_sa.h>
32 #include <encoding/message.h>
33
34 /**
35 * @brief Different kinds of tasks.
36 *
37 * @ingroup tasks
38 */
39 enum task_type_t {
40 /** establish an unauthenticated IKE_SA */
41 IKE_INIT,
42 /** detect NAT situation */
43 IKE_NATD,
44 /** handle MOBIKE stuff */
45 IKE_MOBIKE,
46 /** authenticate the initiated IKE_SA */
47 IKE_AUTHENTICATE,
48 /** AUTH_LIFETIME negotiation, RFC4478 */
49 IKE_AUTH_LIFETIME,
50 /** exchange certificates and requests */
51 IKE_CERT,
52 /** Configuration payloads, virtual IP and such */
53 IKE_CONFIG,
54 /** rekey an IKE_SA */
55 IKE_REKEY,
56 /** reestablish a complete IKE_SA */
57 IKE_REAUTH,
58 /** delete an IKE_SA */
59 IKE_DELETE,
60 /** liveness check */
61 IKE_DPD,
62 #ifdef P2P
63 /** handle P2P-NAT-T stuff */
64 IKE_P2P,
65 #endif /* P2P */
66 /** establish a CHILD_SA within an IKE_SA */
67 CHILD_CREATE,
68 /** delete an established CHILD_SA */
69 CHILD_DELETE,
70 /** rekey an CHILD_SA */
71 CHILD_REKEY,
72 };
73
74 /**
75 * enum names for task_type_t.
76 */
77 extern enum_name_t *task_type_names;
78
79 /**
80 * @brief Interface for a task, an operation handled within exchanges.
81 *
82 * A task is an elemantary operation. It may be handled by a single or by
83 * multiple exchanges. An exchange may even complete multiple tasks.
84 * A task has a build() and an process() operation. The build() operation
85 * creates payloads and adds it to the message. The process() operation
86 * inspects a message and handles its payloads. An initiator of an exchange
87 * first calls build() to build the request, and processes the response message
88 * with the process() method.
89 * A responder does the opposite; it calls process() first to handle an incoming
90 * request and secondly calls build() to build an appropriate response.
91 * Both methods return either SUCCESS, NEED_MORE or FAILED. A SUCCESS indicates
92 * that the task completed, even when the task completed unsuccesfully. The
93 * manager then removes the task from the list. A NEED_MORE is returned when
94 * the task needs further build()/process() calls to complete, the manager
95 * leaves the taks in the queue. A returned FAILED indicates a critical failure.
96 * The manager closes the IKE_SA whenever a task returns FAILED.
97 *
98 * @b Constructors:
99 * - None, use implementations specific constructors
100 *
101 * @ingroup tasks
102 */
103 struct task_t {
104
105 /**
106 * @brief Build a request or response message for this task.
107 *
108 * @param this calling object
109 * @param message message to add payloads to
110 * @return
111 * - FAILED if a critical error occured
112 * - NEED_MORE if another call to build/process needed
113 * - SUCCESS if task completed
114 */
115 status_t (*build) (task_t *this, message_t *message);
116
117 /**
118 * @brief Process a request or response message for this task.
119 *
120 * @param this calling object
121 * @param message message to read payloads from
122 * @return
123 * - FAILED if a critical error occured
124 * - NEED_MORE if another call to build/process needed
125 * - SUCCESS if task completed
126 */
127 status_t (*process) (task_t *this, message_t *message);
128
129 /**
130 * @brief Get the type of the task implementation.
131 *
132 * @param this calling object
133 */
134 task_type_t (*get_type) (task_t *this);
135
136 /**
137 * @brief Migrate a task to a new IKE_SA.
138 *
139 * After migrating a task, it goes back to a state where it can be
140 * used again to initate an exchange. This is useful when a task
141 * has to get migrated to a new IKE_SA.
142 * A special usage is when a INVALID_KE_PAYLOAD is received. A call
143 * to reset resets the task, but uses another DH group for the next
144 * try.
145 * The ike_sa is the new IKE_SA this task belongs to and operates on.
146 *
147 * @param this calling object
148 * @param ike_sa new IKE_SA this task works for
149 */
150 void (*migrate) (task_t *this, ike_sa_t *ike_sa);
151
152 /**
153 * @brief Destroys a task_t object.
154 *
155 * @param this calling object
156 */
157 void (*destroy) (task_t *this);
158 };
159
160 #endif /* TASK_H_ */