author | Martin Willi <martin@strongswan.org> | 2006-04-28 10:51:19 +0000 |
---|---|---|
committer | Martin Willi <martin@strongswan.org> | 2006-04-28 10:51:19 +0000 |
commit | 1029d84d2365ca6e6b2d2a96e5c0a1fad3c127e3 (patch) | |
tree | d7d1152d0651f01f023b4faa09fc51f936f89e60 /src/pluto/demux.h | |
parent | 51c3484a9f70f03b2ea73151428a40e785c0c56c (diff) | |
Diffstat (limited to 'src/pluto/demux.h')
-rw-r--r-- | src/pluto/demux.h | 100 |
1 files changed, 100 insertions, 0 deletions
diff --git a/src/pluto/demux.h b/src/pluto/demux.h
new file mode 100644
index 000000000..7adac44f3
--- /dev/null
+++ b/src/pluto/demux.h
@@ -0,0 +1,100 @@
+/* demultiplex incoming IKE messages
+ * Copyright (C) 1998-2002 D. Hugh Redelmeier.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ *
+ * RCSID $Id: demux.h,v 1.4 2004/07/22 22:57:25 as Exp $
+ */
+
+#include "packet.h"
+
+struct state; /* forward declaration of tag */
+extern void init_demux(void);
+#ifdef NAT_TRAVERSAL
+#define send_packet(st,wh) _send_packet(st,wh,TRUE)
+extern bool _send_packet(struct state *st, const char *where, bool verbose);
+#else
+extern bool send_packet(struct state *st, const char *where);
+#endif
+extern void comm_handle(const struct iface *ifp);
+
+extern u_int8_t reply_buffer[MAX_OUTPUT_UDP_SIZE];
+
+/* State transition function infrastructure
+ *
+ * com_handle parses a message, decides what state object it applies to,
+ * and calls the appropriate state transition function (STF).
+ * These declarations define the interface to these functions.
+ *
+ * Each STF must be able to be restarted up to any failure point:
+ * a later message will cause the state to be re-entered. This
+ * explains the use of the replace macro and the care in handling
+ * MP_INT members of struct state.
+ */
+
+struct payload_digest {
+ pb_stream pbs;
+ union payload payload;
+ struct payload_digest *next; /* of same kind */
+};
+
+/* message digest
+ * Note: raw_packet and packet_pbs are "owners" of space on heap.
+ */
+
+struct msg_digest {
+ struct msg_digest *next; /* for free list */
+ chunk_t raw_packet; /* if encrypted, received packet before decryption */
+ const struct iface *iface; /* interface on which message arrived */
+ ip_address sender; /* where message came from */
+ u_int16_t sender_port; /* host order */
+ pb_stream packet_pbs; /* whole packet */
+ pb_stream message_pbs; /* message to be processed */
+ struct isakmp_hdr hdr; /* message's header */
+ bool encrypted; /* was it encrypted? */
+ enum state_kind from_state; /* state we started in */
+ const struct state_microcode *smc; /* microcode for initial state */
+ struct state *st; /* current state object */
+ pb_stream reply; /* room for reply */
+ pb_stream rbody; /* room for reply body (after header) */
+ notification_t note; /* reason for failure */
+ bool dpd; /* peer supports RFC 3706 DPD */
+ bool openpgp; /* peer supports OpenPGP certificates */
+
+# define PAYLIMIT 20
+ struct payload_digest
+ digest[PAYLIMIT],
+ *digest_roof,
+ *chain[ISAKMP_NEXT_ROOF];
+#ifdef NAT_TRAVERSAL
+ unsigned short nat_traversal_vid;
+#endif
+};
+
+extern void release_md(struct msg_digest *md);
+
+/* status for state-transition-function
+ * Note: STF_FAIL + notification_t means fail with that notification
+ */
+
+typedef enum {
+ STF_IGNORE, /* don't respond */
+ STF_SUSPEND, /* unfinished -- don't release resources */
+ STF_OK, /* success */
+ STF_INTERNAL_ERROR, /* discard everything, we failed */
+ STF_FAIL /* discard everything, something failed. notification_t added. */
+} stf_status;
+
+typedef stf_status state_transition_fn(struct msg_digest *md);
+
+extern void complete_state_transition(struct msg_digest **mdp, stf_status result);
+
+extern void free_md_pool(void); |
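Review bot: `struct msg_digest` stores the payloads of a received IKE message in fixed-size arrays (`digest[PAYLIMIT]` with the `digest_roof` cursor, and `chain[ISAKMP_NEXT_ROOF]`), but the header never states the bounds the parser must keep. The payload count comes from the peer, and `chain[]` is presumably indexed by a peer-supplied payload type, so I would document the invariant beside the fields, e.g. `/* digest_roof never passes &digest[PAYLIMIT]; chain[] is indexed only by a validated payload type below ISAKMP_NEXT_ROOF */`. Whether the parsing code enforces this cannot be seen from this file. Separately, the header defines `struct payload_digest`, `struct msg_digest` and `stf_status` without an include guard, so a second inclusion would not compile; wrapping the contents in `#ifndef DEMUX_H` / `#define DEMUX_H` / `#endif` avoids that. The `com_handle` in the state-transition comment looks like a typo for the declared `comm_handle`.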