src/charon/sa/ike_sa_manager.h


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210

/**
 * @file ike_sa_manager.h
 * 
 * @brief Interface of ike_sa_manager_t.
 * 
 */

/*
 * Copyright (C) 2005-2006 Martin Willi
 * Copyright (C) 2005 Jan Hutter
 * Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

#ifndef IKE_SA_MANAGER_H_
#define IKE_SA_MANAGER_H_

#include <types.h>
#include <sa/ike_sa.h>
#include <utils/logger.h>


typedef struct ike_sa_manager_t ike_sa_manager_t;

/**
 * @brief The IKE_SA-Manager is responsible for managing all initiated and responded IKE_SA's.
 *
 * To avoid access from multiple threads, IKE_SAs must be checked out from
 * the manager, and checked in after usage. 
 * The manager also handles deletion of SAs.
 *
 * @todo checking of double-checkouts from the same threads would be nice.
 * This could be done by comparing thread-ids via pthread_self()...
 * 
 * @todo Managing of ike_sa_t objects in a hash table instead of linked list.
 * 
 * @b Constructors:
 * - ike_sa_manager_create()
 * 
 * @ingroup sa
 */
struct ike_sa_manager_t {
	/**
	 * @brief Checkout an IKE_SA, create it when necesarry.
	 * 
	 * Checks out a SA by its ID. An SA will be created, when the responder
	 * SPI is not set (when received an IKE_SA_INIT from initiator).
	 * Management of SPIs is the managers job, he will set it.
	 * This function blocks until SA is available for checkout.
	 * 
	 * @warning checking out two times without checking in will
	 * result in a deadlock!
	 * 
	 * @param this 				the manager object
	 * @param[in/out] ike_sa_id	the SA identifier, will be updated
	 * @returns 					
	 * 							- checked out IKE_SA if found
	 * 							- NULL, if no such IKE_SA available
	 */
	ike_sa_t* (*checkout) (ike_sa_manager_t* this, ike_sa_id_t *sa_id);
	
	/**
	 * @brief Checkout an IKE_SA by two identifications.
	 *
	 * Allows the lookup of an IKE_SA by two user IDs. It returns the
	 * first found occurence, if there are multiple canddates. Supplied IDs
	 * may contain wildcards. If no IKE_SA is found, a new one is created.
	 *
	 * @param this			 	the manager object
	 * @param my_id				ID used by us
	 * @param other_id			ID used by other
	 * @return					checked out/created IKE_SA
	 */
	ike_sa_t* (*checkout_by_ids) (ike_sa_manager_t* this,
								  identification_t *my_id, 
								  identification_t *other_id);
	
	/**
	 * @brief Check out an IKE_SA by protocol and SPI of one of its CHILD_SA.
	 *
	 * The kernel sends us expire messages for IPsec SAs. To fullfill
	 * this request, we must check out the IKE SA which contains the
	 * CHILD_SA the kernel wants to modify.
	 *
	 * @param this				the manager object
	 * @param protocol			protocol of the CHILD_SA
	 * @param spi				SPI of the CHILD_SA
	 * @param[out] ike_sa 		checked out SA
	 * @return
	 * 							- NOT_FOUND, if no IKE SA with such a child found
	 * 							- SUCCESS, if ike_sa set
	 */
	status_t (*checkout_by_child) (ike_sa_manager_t* this, protocol_id_t protocol,
									u_int32_t spi, ike_sa_t **ike_sa);
	
	/**
	 * @brief Get a list of all IKE_SA SAs currently set up.
	 * 
	 * The resulting list with all IDs must be destroyed by 
	 * the caller. There is no guarantee an ike_sa with the 
	 * corrensponding ID really exists, since it may be deleted
	 * in the meantime by another thread.
	 * 
	 * @param this			 	the manager object
	 * @return					a list with ike_sa_id_t s
	 */
	linked_list_t *(*get_ike_sa_list) (ike_sa_manager_t* this);
	
	/**
	 * @brief Get a list of all IKE_SA SAs currently set up specified
	 * by the connections name.
	 * 
	 * @param this			 	the manager object
	 * @return					a list with ike_sa_id_t s
	 */
	linked_list_t *(*get_ike_sa_list_by_name) (ike_sa_manager_t* this, const char *name);
	
	/**
	 * @brief Log the status of the IKE_SA's in the manager.
	 *
	 * A informational log is done to the supplied logger. If logger is 
	 * NULL, an internal logger is used. If a name is supplied,
	 * only connections with the matching name will be logged.
	 * 
	 * @param this			 	the manager object
	 * @param logger			logger to do the log, or NULL
	 * @param name				name of a connection, or NULL
	 */
	void (*log_status) (ike_sa_manager_t* this, logger_t* logger, char* name);
	
	/**
	 * @brief Checkin the SA after usage.
	 * 
	 * @warning the SA pointer MUST NOT be used after checkin! 
	 * The SA must be checked out again!
	 *  
	 * @param this			 	the manager object
	 * @param[in/out] ike_sa_id	the SA identifier, will be updated
	 * @param[out] ike_sa		checked out SA
	 * @returns 				
	 * 							- SUCCESS if checked in
	 * 							- NOT_FOUND when not found (shouldn't happen!)
	 */
	status_t (*checkin) (ike_sa_manager_t* this, ike_sa_t *ike_sa);
	
	/**
	 * @brief Delete a SA, which was not checked out.
	 *
	 * If the state allows it, the IKE SA is destroyed immediately. If it is
	 * in the state ESTABLSIHED, a delete message
	 * is sent to the remote peer, which has to be acknowledged.
	 *
	 * @warning do not use this when the SA is already checked out, this will
	 * deadlock!
	 *
	 * @param this			 	the manager object
	 * @param[in/out] ike_sa_id	the SA identifier
	 * @returns 				
	 * 							- SUCCESS if found
	 * 							- NOT_FOUND when no such SA is available
	 */
	status_t (*delete) (ike_sa_manager_t* this, ike_sa_id_t *ike_sa_id);
	
	/**
	 * @brief Destroy a checked out SA.
	 *
	 * The IKE SA is destroyed without notification of the remote peer.
	 * Use this only if the other peer doesn't respond or behaves not
	 * as predicted.
	 * Checking in and destruction is an atomic operation (for the IKE_SA),
	 * so this can be called if the SA is in a "unclean" state, without the
	 * risk that another thread can get the SA.
	 *
	 * @param this			 	the manager object
	 * @param ike_sa			SA to delete
	 * @returns 				
	 * 							- SUCCESS if found
	 * 							- NOT_FOUND when no such SA is available
	 */
	status_t (*checkin_and_destroy) (ike_sa_manager_t* this, ike_sa_t *ike_sa);
	
	/**
	 * @brief Destroys the manager with all associated SAs.
	 * 
	 * Threads will be driven out, so all SAs can be deleted cleanly.
	 * 
	 * @param this				 the manager object
	 */
	void (*destroy) (ike_sa_manager_t *this);
};

/**
 * @brief Create a manager.
 * 
 * @returns 	ike_sa_manager_t object
 * 
 * @ingroup sa
 */
ike_sa_manager_t *ike_sa_manager_create(void);

#endif /*IKE_SA_MANAGER_H_*/