ike: Migrate queued CHILD_SA-creating tasks when reestablishing an IKE_SA
[strongswan.git] / src / libcharon / sa / task_manager.h
1 /*
2 * Copyright (C) 2006 Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 /**
17 * @defgroup task_manager task_manager
18 * @{ @ingroup sa
19 */
20
21 #ifndef TASK_MANAGER_H_
22 #define TASK_MANAGER_H_
23
24 typedef struct task_manager_t task_manager_t;
25 typedef enum task_queue_t task_queue_t;
26
27 #include <limits.h>
28
29 #include <library.h>
30 #include <encoding/message.h>
31 #include <sa/ike_sa.h>
32 #include <sa/task.h>
33
34 /**
35 * First retransmit timeout in seconds.
36 */
37 #define RETRANSMIT_TIMEOUT 4.0
38
39 /**
40 * Base which is raised to the power of the retransmission try.
41 */
42 #define RETRANSMIT_BASE 1.8
43
44 /**
45 * Number of retransmits done before giving up.
46 */
47 #define RETRANSMIT_TRIES 5
48
49 /**
50 * Interval for mobike routability checks in ms.
51 */
52 #define ROUTEABILITY_CHECK_INTERVAL 2500
53
54 /**
55 * Number of routability checks before giving up
56 */
57 #define ROUTEABILITY_CHECK_TRIES 10
58
59 /**
60 * Type of task queues the task manager uses to handle tasks
61 */
62 enum task_queue_t {
63 /** tasks currently active, initiated by us */
64 TASK_QUEUE_ACTIVE,
65 /** passive tasks initiated by the remote peer */
66 TASK_QUEUE_PASSIVE,
67 /** tasks queued for initiated, but not yet activated */
68 TASK_QUEUE_QUEUED,
69 };
70
71 /**
72 * The task manager, juggles task and handles message exchanges.
73 *
74 * On incoming requests, the task manager creates new tasks on demand and
75 * juggles the request through all available tasks. Each task inspects the
76 * request and adds payloads as necessary to the response.
77 * On outgoing requests, the task manager delivers the request through the tasks
78 * to build it, the response gets processed by each task to complete.
79 * The task manager has an internal Queue to store task which should get
80 * completed.
81 * For the initial IKE_SA setup, several tasks are queued: One for the
82 * unauthenticated IKE_SA setup, one for authentication, one for CHILD_SA setup
83 * and maybe one for virtual IP assignement.
84 * The task manager is also responsible for retransmission. It uses a backoff
85 * algorithm. The timeout is calculated using
86 * RETRANSMIT_TIMEOUT * (RETRANSMIT_BASE ** try).
87 * When try reaches RETRANSMIT_TRIES, retransmission is given up.
88 *
89 * Using an initial TIMEOUT of 4s, a BASE of 1.8, and 5 TRIES gives us:
90 * @verbatim
91 | relative | absolute
92 ---------------------------------------------------------
93 4s * (1.8 ** 0) = 4s 4s
94 4s * (1.8 ** 1) = 7s 11s
95 4s * (1.8 ** 2) = 13s 24s
96 4s * (1.8 ** 3) = 23s 47s
97 4s * (1.8 ** 4) = 42s 89s
98 4s * (1.8 ** 5) = 76s 165s
99
100 @endverbatim
101 * The peer is considered dead after 2min 45s when no reply comes in.
102 */
103 struct task_manager_t {
104
105 /**
106 * Process an incoming message.
107 *
108 * @param message message to add payloads to
109 * @return
110 * - DESTROY_ME if IKE_SA must be closed
111 * - SUCCESS otherwise
112 */
113 status_t (*process_message) (task_manager_t *this, message_t *message);
114
115 /**
116 * Initiate an exchange with the currently queued tasks.
117 */
118 status_t (*initiate) (task_manager_t *this);
119
120 /**
121 * Queue a task in the manager.
122 *
123 * @param task task to queue
124 */
125 void (*queue_task) (task_manager_t *this, task_t *task);
126
127 /**
128 * Queue IKE_SA establishing tasks.
129 */
130 void (*queue_ike)(task_manager_t *this);
131
132 /**
133 * Queue IKE_SA rekey tasks.
134 */
135 void (*queue_ike_rekey)(task_manager_t *this);
136
137 /**
138 * Queue IKE_SA reauth tasks.
139 */
140 void (*queue_ike_reauth)(task_manager_t *this);
141
142 /**
143 * Queue MOBIKE task
144 *
145 * @param roam TRUE to switch to new address
146 * @param address TRUE to include address list update
147 */
148 void (*queue_mobike)(task_manager_t *this, bool roam, bool address);
149
150 /**
151 * Queue IKE_SA delete tasks.
152 */
153 void (*queue_ike_delete)(task_manager_t *this);
154
155 /**
156 * Queue CHILD_SA establishing tasks.
157 *
158 * @param cfg CHILD_SA config to establish
159 * @param reqid reqid to use for CHILD_SA
160 * @param tsi initiator traffic selector, if packet-triggered
161 * @param tsr responder traffic selector, if packet-triggered
162 */
163 void (*queue_child)(task_manager_t *this, child_cfg_t *cfg, u_int32_t reqid,
164 traffic_selector_t *tsi, traffic_selector_t *tsr);
165
166 /**
167 * Queue CHILD_SA rekeying tasks.
168 *
169 * @param protocol CHILD_SA protocol, AH|ESP
170 * @param spi CHILD_SA SPI to rekey
171 */
172 void (*queue_child_rekey)(task_manager_t *this, protocol_id_t protocol,
173 u_int32_t spi);
174
175 /**
176 * Queue CHILD_SA delete tasks.
177 *
178 * @param protocol CHILD_SA protocol, AH|ESP
179 * @param spi CHILD_SA SPI to rekey
180 * @param expired TRUE if SA already expired
181 */
182 void (*queue_child_delete)(task_manager_t *this, protocol_id_t protocol,
183 u_int32_t spi, bool expired);
184
185 /**
186 * Queue liveness checking tasks.
187 */
188 void (*queue_dpd)(task_manager_t *this);
189
190 /**
191 * Retransmit a request if it hasn't been acknowledged yet.
192 *
193 * A return value of INVALID_STATE means that the message was already
194 * acknowledged and has not to be retransmitted. A return value of SUCCESS
195 * means retransmission was required and the message has been resent.
196 *
197 * @param message_id ID of the message to retransmit
198 * @return
199 * - INVALID_STATE if retransmission not required
200 * - SUCCESS if retransmission sent
201 */
202 status_t (*retransmit) (task_manager_t *this, u_int32_t message_id);
203
204 /**
205 * Migrate all queued tasks from other to this.
206 *
207 * To rekey or reestablish an IKE_SA completely, all queued or active
208 * tasks should get migrated to the new IKE_SA.
209 *
210 * @param other manager which gives away its tasks
211 */
212 void (*adopt_tasks) (task_manager_t *this, task_manager_t *other);
213
214 /**
215 * Migrate all active or queued CHILD_SA-creating tasks from other to this.
216 *
217 * @param other manager which gives away its tasks
218 */
219 void (*adopt_child_tasks) (task_manager_t *this, task_manager_t *other);
220
221 /**
222 * Increment a message ID counter, in- or outbound.
223 *
224 * If a message is processed outside of the manager, this call increments
225 * the message ID counters of the task manager.
226 *
227 * @param inititate TRUE to increment the initiating ID
228 */
229 void (*incr_mid)(task_manager_t *this, bool initiate);
230
231 /**
232 * Reset message ID counters of the task manager.
233 *
234 * The IKEv2 protocol requires to restart exchanges with message IDs
235 * reset to zero (INVALID_KE_PAYLOAD, COOKIES, ...). The reset() method
236 * resets the message IDs and resets all active tasks using the migrate()
237 * method.
238 * Use a value of UINT_MAX to keep the current message ID.
239 * For IKEv1, the arguments do not set the message ID, but the DPD sequence
240 * number counters.
241 *
242 * @param initiate message ID / DPD seq to initiate exchanges (send)
243 * @param respond message ID / DPD seq to respond to exchanges (expect)
244 */
245 void (*reset) (task_manager_t *this, u_int32_t initiate, u_int32_t respond);
246
247 /**
248 * Check if we are currently waiting for a reply.
249 *
250 * @return TRUE if we are waiting, FALSE otherwise
251 */
252 bool (*busy) (task_manager_t *this);
253
254 /**
255 * Create an enumerator over tasks in a specific queue.
256 *
257 * @param queue queue to create an enumerator over
258 * @return enumerator over task_t
259 */
260 enumerator_t* (*create_task_enumerator)(task_manager_t *this,
261 task_queue_t queue);
262
263 /**
264 * Flush a queue, cancelling all tasks.
265 *
266 * @param queue queue to flush
267 */
268 void (*flush_queue)(task_manager_t *this, task_queue_t queue);
269
270 /**
271 * Destroy the task_manager_t.
272 */
273 void (*destroy) (task_manager_t *this);
274 };
275
276 /**
277 * Create a task manager instance for the correct IKE version.
278 *
279 * @param ike_sa IKE_SA to create a task manager for
280 * @return task manager implementation for IKE version
281 */
282 task_manager_t *task_manager_create(ike_sa_t *ike_sa);
283
284 #endif /** TASK_MANAGER_H_ @}*/