further work done for simultaneous rekeying/delete
[strongswan.git] / src / charon / sa / transactions / create_child_sa.h
1 /**
2 * @file create_child_sa.h
3 *
4 * @brief Interface of transaction create_child_sa.
5 *
6 */
7
8 /*
9 * Copyright (C) 2006 Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #ifndef CREATE_CHILD_SA_H_
24 #define CREATE_CHILD_SA_H_
25
26 #include <sa/ike_sa.h>
27 #include <sa/child_sa.h>
28 #include <sa/transactions/transaction.h>
29
30
31 typedef struct create_child_sa_t create_child_sa_t;
32
33 /**
34 * @brief A transaction to create a new or rekey an existing CHILD_SA.
35 *
36 * Rekeying of an CHILD_SA works the same way as creating a new one,
37 * but includes an additional REKEY_SA notify and deletes the old
38 * one (in a separate transaction).
39 *
40 * ¦__________ _________¦
41 * ¦ Cyq \/ Czq ¦
42 * ¦__________/\_________¦
43 * detect ¦__________ _________¦ detect
44 * ¦ Czp \/ Czp ¦
45 * compare nonces, won ¦__________/\_________¦ compare nonces, lost
46 * ¦ ¦
47 * delete old ¦__________ ¦
48 * ¦ Dxq \__________¦
49 * ¦ __________¦
50 * ¦__________/ Dxp ¦
51 * ¦ __________¦ delete created
52 * ¦__________/ Dzq ¦
53 * ¦__________ ¦
54 * ¦ Dzp \__________¦
55 *
56 *
57 * @b Constructors:
58 * - create_child_sa_create()
59 * - transaction_create() with the appropriate message
60 *
61 * @ingroup transactions
62 */
63 struct create_child_sa_t {
64
65 /**
66 * The transaction_t interface.
67 */
68 transaction_t transaction;
69
70 /**
71 * @brief Set the CHILD_SA which gets rekeyed by the new one.
72 *
73 * If this transaction is used for rekeying, set the inbound
74 * SPI of the CHILD_SA which the new CHILD_SA rekeys.
75 *
76 * @param this calling object
77 * @param child_sa CHILD_SA to rekey
78 */
79 void (*rekeys_child) (create_child_sa_t* this, child_sa_t *child_sa);
80
81 /**
82 * @brief Cancel a rekeying request.
83 *
84 * Cancelling a rekeying request will set a flag in the transaction. When
85 * the response for the transaction is received, the created CHILD_SA
86 * gets deleted afterwards.
87 *
88 * @param this calling object
89 * @param child_sa CHILD_SA to rekey
90 */
91 void (*cancel) (create_child_sa_t* this);
92 };
93
94 /**
95 * @brief Create a new transaction which creates/rekeys CHILD_SAs.
96 *
97 * @param ike_sa assigned IKE_SA
98 * @param message_id message ids used in this transaction
99 * @return created create_child_sa transaction
100 *
101 * @ingroup transactions
102 */
103 create_child_sa_t *create_child_sa_create(ike_sa_t *ike_sa, u_int32_t message_id);
104
105 #endif /* CREATE_CHILD_SA_H_ */