*/
/**
- * @defgroup states states
+ * @defgroup transactions transactions
*
- * Varius states in which an IKE SA can be.
+ * Transactions represent a request/response
+ * message exchange to implement the IKEv2
+ * protocol exchange scenarios.
*
* @ingroup sa
*/
/**
* @brief State of an IKE_SA.
- *
+ *
+ * An IKE_SA passes various states in its lifetime. A newly created
+ * SA is in the state CREATED.
+ * @verbatim
+ +----------------+
+ ¦ SA_CREATED ¦
+ +----------------+
+ ¦
+ on initiate()---> ¦ <----- on IKE_SA_INIT received
+ ¦
+ +----------------+
+ ¦ SA_CONNECTING ¦
+ +----------------+
+ ¦
+ ¦ <----- on IKE_AUTH successfully completed
+ ¦
+ +----------------+
+ ¦ SA_ESTABLISHED ¦
+ +----------------+
+ ¦
+ on delete()---> ¦ <----- on IKE_SA delete request received
+ ¦
+ +----------------+
+ ¦ SA_DELETING ¦
+ +----------------+
+ ¦
+ ¦ <----- after delete() acknowledged
+ ¦
+ \¦/
+ X
+ / \
+ @endverbatim
+ *
* @ingroup sa
*/
enum ike_sa_state_t {
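Review bot: The added description calls the initial state "CREATED" while the diagram directly below it uses SA_CREATED, so the prose and the diagram disagree on the identifier; the line should read `* SA is in the state SA_CREATED.`. The diagram also draws only the success path: there is no edge out of SA_CONNECTING for a failed or timed-out IKE_AUTH, and none out of SA_DELETING for a delete that is never acknowledged. Code that gates on these states decides what a not-yet-authenticated peer may do, so a sentence stating where the SA goes in those cases would be worth adding. The enum body continues outside the hunk, so the enumerator names could not be checked against the diagram.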
/* we do not handle rekeying of CHILD_SAs in a special
* transaction, as the procedure is nearly equal
* to create a new CHILD_SA. */
+ transaction = (transaction_t*)create_child_sa_create(ike_sa, message_id);
+ break;
default:
break;
}
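Review bot: Nothing in the added lines shows that a child-SA transaction is only created for an IKE_SA that has reached SA_ESTABLISHED; the new `create_child_sa_create(ike_sa, message_id)` call is made straight from the switch, whose case label and enclosing function are outside the hunk. If the state check is done inside the transaction, a comment here such as `/* create_child_sa rejects the request unless the IKE_SA is SA_ESTABLISHED */` would record that. If it is not done anywhere, it belongs before this call, since a peer that has not completed IKE_AUTH should not be able to start CHILD_SA creation or rekeying.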
*
* The responder must not destroy the transaction, until the
* initiator initiates another transaction (or a number of transactions
- * > window size). This allows us to redo a transaction in case of a
+ * > window size). This allows us to redo a transaction in case of a
* message loss. The initiator can destroy the the transaction once
* the conclude() function is called.
*