[apple/ipsec.git] / ipsec-tools / racoon / fsm.h

/*
 * Copyright (c) 2008 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 * 
 * The contents of this file constitute Original Code as defined in and
 * are subject to the Apple Public Source License Version 1.1 (the
 * "License").  You may not use this file except in compliance with the
 * License.  Please obtain a copy of the License at
 * http://www.apple.com/publicsource and read it before using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT.  Please see the
 * License for the specific language governing rights and limitations
 * under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */

#ifndef _FSM_H
#define _FSM_H

#include <stdlib.h>
#include <sys/types.h>
#include <sys/param.h>
#include <sys/socket.h>

#include "vmbuf.h"
#include "ike_session.h"
#include "handler.h"
#include "strnames.h"
#include "ipsec_xpc.h"

//================================
// Defines
//================================
//

//
// State Flags
//
// bit#     
//  0       Ike Version     0 = v1  1= v2
//  1       Expired
//  2       Established
//  3       Negotiating
//  4-5     Ike Phase       1 = Phase1  2 = phase2
//  6     Reserved
//  7       Direction       0 = Initiator   1 = Responder
//

// STATE FLAG MASKS
#define IKE_STATE_MASK_VERSION              0x8000
#define IKE_STATE_MASK_EXPIRED              0x4000
#define IKE_STATE_MASK_ESTABLISHED          0x2000
#define IKE_STATE_MASK_NEGOTIATING          0x1000
#define IKE_STATE_MASK_PHASE                0x0C00
#define IKE_STATE_MASK_XAUTH_OR_EAP_SUCC    0x0200
#define IKE_STATE_MASK_DIRECTION            0x0100
#define IKE_STATE_MASK_MODE                 0x00C0
#define IKE_STATE_MASK_STATE                0X003F

#define IKE_STATE_FLAG_VALUE_IKEV1          0x0000
#define IKE_STATE_FLAG_VALUE_IKEV2          0x8000
#define IKE_STATE_FLAG_VALUE_EXPIRED        0x4000
#define IKE_STATE_FLAG_VALUE_ESTABLISED     0x2000
#define IKE_STATE_FLAG_VALUE_NEGOTIATING    0x1000
#define IKE_STATE_FLAG_VALUE_PHASE1         0x0400
#define IKE_STATE_FLAG_VALUE_PHASE2         0x0800
#define IKE_STATE_FLAG_XAUTH_OR_EAP_SUCC    0x0200
#define IKE_STATE_FLAG_VALUE_INITIATOR      0x0000
#define IKE_STATE_FLAG_VALUE_RESPONDER      0x0100


//================================
// MACROS
//================================

#define FSM_STATE_IS_EXPIRED(s)             \
    ((s) & IKE_STATE_MASK_EXPIRED)

#define FSM_STATE_IS_ESTABLISHED(s)         \
    ((s) & IKE_STATE_MASK_ESTABLISHED)

#define FSM_STATE_IS_ESTABLISHED_OR_EXPIRED(s)  \
    (((s) & IKE_STATE_MASK_ESTABLISHED) | ((s) & IKE_STATE_MASK_EXPIRED))

#define FSM_STATE_IS_NEGOTIATING(s)         \
((s) & IKE_STATE_MASK_NEGOTIATING)

#define FSM_STATE_IS_INITIATOR(s)           \
    ((s & IKE_STATE_MASK_DIRECTION) == IKE_STATE_FLAG_VALUE_INITIATOR)

#define FSM_STATE_IS_RESPONDER(s)           \
((s & IKE_STATE_MASK_DIRECTION) == IKE_STATE_FLAG_VALUE_RESPONDER)

//================================
// API States
//================================

//================================
// IKEv1 States
//================================

#define IKEV1_STATE_FLAG_VALUE_INFO         (IKE_STATE_FLAG_VALUE_IKEV1 | 0x0000)
#define IKEV1_STATE_FLAG_VALUE_IDENTMODE    (IKE_STATE_FLAG_VALUE_IKEV1 | 0x0040)
#define IKEV1_STATE_FLAG_VALUE_AGGMODE      (IKE_STATE_FLAG_VALUE_IKEV1 | 0x0080)
#define IKEV1_STATE_FLAG_VALUE_QUICKMODE    (IKE_STATE_FLAG_VALUE_IKEV1 | 0x00C0)


#define IKEV1_STATE_FLAG_VALUE_SENT     0x0020
#define IKEV1_STATE_FLAG_VALUE_SPI      0x0010
#define IKEV1_STATE_FLAG_VALUE_ADDSA    0x0008
    

#define IKEV1_STATE_INITIATOR_IDENT  (IKE_STATE_FLAG_VALUE_PHASE1 | IKE_STATE_MASK_NEGOTIATING  \
            | IKE_STATE_FLAG_VALUE_INITIATOR | IKEV1_STATE_FLAG_VALUE_IDENTMODE)

#define IKEV1_STATE_RESPONDER_IDENT  (IKE_STATE_FLAG_VALUE_PHASE1 | IKE_STATE_MASK_NEGOTIATING  \
            | IKE_STATE_FLAG_VALUE_RESPONDER | IKEV1_STATE_FLAG_VALUE_IDENTMODE)

#define IKEV1_STATE_INITIATOR_AGG  (IKE_STATE_FLAG_VALUE_PHASE1 | IKE_STATE_MASK_NEGOTIATING    \
            | IKE_STATE_FLAG_VALUE_INITIATOR | IKEV1_STATE_FLAG_VALUE_AGGMODE)

#define IKEV1_STATE_RESPONDER_AGG  (IKE_STATE_FLAG_VALUE_PHASE1 | IKE_STATE_MASK_NEGOTIATING    \
            | IKE_STATE_FLAG_VALUE_RESPONDER | IKEV1_STATE_FLAG_VALUE_AGGMODE)

#define IKEV1_STATE_INITIATOR_QUICK  (IKE_STATE_FLAG_VALUE_PHASE2 | IKE_STATE_MASK_NEGOTIATING  \
            | IKE_STATE_FLAG_VALUE_INITIATOR | IKEV1_STATE_FLAG_VALUE_QUICKMODE)

#define IKEV1_STATE_RESPONDER_QUICK  (IKE_STATE_FLAG_VALUE_PHASE2 | IKE_STATE_MASK_NEGOTIATING  \
            | IKE_STATE_FLAG_VALUE_RESPONDER | IKEV1_STATE_FLAG_VALUE_QUICKMODE)


#define IKEV1_STATE_PHASE1_ESTABLISHED         (IKE_STATE_FLAG_VALUE_IKEV1 | IKE_STATE_FLAG_VALUE_PHASE1| IKE_STATE_FLAG_VALUE_ESTABLISED)
#define IKEV1_STATE_PHASE2_ESTABLISHED         (IKE_STATE_FLAG_VALUE_IKEV1 | IKE_STATE_FLAG_VALUE_PHASE2| IKE_STATE_FLAG_VALUE_ESTABLISED)
#define IKEV1_STATE_PHASE1_EXPIRED             (IKE_STATE_FLAG_VALUE_IKEV1 | IKE_STATE_FLAG_VALUE_PHASE1| IKE_STATE_FLAG_VALUE_EXPIRED)
#define IKEV1_STATE_PHASE2_EXPIRED             (IKE_STATE_FLAG_VALUE_IKEV1 | IKE_STATE_FLAG_VALUE_PHASE2| IKE_STATE_FLAG_VALUE_EXPIRED)

    // PHASE 1 INFO
#define IKEV1_STATE_INFO                (IKE_STATE_FLAG_VALUE_IKEV1 | IKEV1_STATE_FLAG_VALUE_INFO | 0x3F)

    // IDENT MODE
#define IKEV1_STATE_IDENT_I_START       (IKEV1_STATE_INITIATOR_IDENT)
#define IKEV1_STATE_IDENT_I_MSG1SENT    (IKEV1_STATE_INITIATOR_IDENT | IKEV1_STATE_FLAG_VALUE_SENT | 1)
#define IKEV1_STATE_IDENT_I_MSG2RCVD    (IKEV1_STATE_INITIATOR_IDENT | 2)
#define IKEV1_STATE_IDENT_I_MSG3SENT    (IKEV1_STATE_INITIATOR_IDENT | IKEV1_STATE_FLAG_VALUE_SENT | 3)
#define IKEV1_STATE_IDENT_I_MSG4RCVD    (IKEV1_STATE_INITIATOR_IDENT | 4)
#define IKEV1_STATE_IDENT_I_MSG5SENT    (IKEV1_STATE_INITIATOR_IDENT | IKEV1_STATE_FLAG_VALUE_SENT | 5)
#define IKEV1_STATE_IDENT_I_MSG6RCVD    (IKEV1_STATE_INITIATOR_IDENT | 6)

#define IKEV1_STATE_IDENT_R_START       (IKEV1_STATE_RESPONDER_IDENT)
#define IKEV1_STATE_IDENT_R_MSG1RCVD    (IKEV1_STATE_RESPONDER_IDENT | 1)
#define IKEV1_STATE_IDENT_R_MSG2SENT    (IKEV1_STATE_RESPONDER_IDENT | IKEV1_STATE_FLAG_VALUE_SENT | 2)
#define IKEV1_STATE_IDENT_R_MSG3RCVD    (IKEV1_STATE_RESPONDER_IDENT | 3)
#define IKEV1_STATE_IDENT_R_MSG4SENT    (IKEV1_STATE_RESPONDER_IDENT | IKEV1_STATE_FLAG_VALUE_SENT | 4)
#define IKEV1_STATE_IDENT_R_MSG5RCVD    (IKEV1_STATE_RESPONDER_IDENT | 5)
    // AGG MODE
#define IKEV1_STATE_AGG_I_START         (IKEV1_STATE_INITIATOR_AGG)
#define IKEV1_STATE_AGG_I_MSG1SENT      (IKEV1_STATE_INITIATOR_AGG | IKEV1_STATE_FLAG_VALUE_SENT | 1)
#define IKEV1_STATE_AGG_I_MSG2RCVD      (IKEV1_STATE_INITIATOR_AGG | 2)
#define IKEV1_STATE_AGG_I_MSG3SENT      (IKEV1_STATE_INITIATOR_AGG | IKEV1_STATE_FLAG_VALUE_SENT | 3)
#define IKEV1_STATE_AGG_R_START         (IKEV1_STATE_RESPONDER_AGG)
#define IKEV1_STATE_AGG_R_MSG1RCVD      (IKEV1_STATE_RESPONDER_AGG | 1)
#define IKEV1_STATE_AGG_R_MSG2SENT      (IKEV1_STATE_RESPONDER_AGG | IKEV1_STATE_FLAG_VALUE_SENT | 2)
#define IKEV1_STATE_AGG_R_MSG3RCVD      (IKEV1_STATE_RESPONDER_AGG | 3)
    // QUICK MODE
#define IKEV1_STATE_QUICK_I_START       (IKEV1_STATE_INITIATOR_QUICK)
#define IKEV1_STATE_QUICK_I_GETSPISENT  (IKEV1_STATE_INITIATOR_QUICK | IKEV1_STATE_FLAG_VALUE_SENT | IKEV1_STATE_FLAG_VALUE_SPI)
#define IKEV1_STATE_QUICK_I_GETSPIDONE  (IKEV1_STATE_INITIATOR_QUICK | IKEV1_STATE_FLAG_VALUE_SPI)
#define IKEV1_STATE_QUICK_I_MSG1SENT    (IKEV1_STATE_INITIATOR_QUICK | IKEV1_STATE_FLAG_VALUE_SENT | 1)
#define IKEV1_STATE_QUICK_I_MSG2RCVD    (IKEV1_STATE_INITIATOR_QUICK | 2)
#define IKEV1_STATE_QUICK_I_MSG3SENT    (IKEV1_STATE_INITIATOR_QUICK | IKEV1_STATE_FLAG_VALUE_SENT | 3)
#define IKEV1_STATE_QUICK_I_ADDSA       (IKEV1_STATE_INITIATOR_QUICK | IKEV1_STATE_FLAG_VALUE_ADDSA)
#define IKEV1_STATE_QUICK_R_START       (IKEV1_STATE_RESPONDER_QUICK)
#define IKEV1_STATE_QUICK_R_MSG1RCVD    (IKEV1_STATE_RESPONDER_QUICK | 1)
#define IKEV1_STATE_QUICK_R_GETSPISENT  (IKEV1_STATE_RESPONDER_QUICK | IKEV1_STATE_FLAG_VALUE_SENT | IKEV1_STATE_FLAG_VALUE_SPI)
#define IKEV1_STATE_QUICK_R_GETSPIDONE  (IKEV1_STATE_RESPONDER_QUICK | IKEV1_STATE_FLAG_VALUE_SPI)
#define IKEV1_STATE_QUICK_R_MSG2SENT    (IKEV1_STATE_RESPONDER_QUICK | IKEV1_STATE_FLAG_VALUE_SENT | 2)
#define IKEV1_STATE_QUICK_R_MSG3RCVD    (IKEV1_STATE_RESPONDER_QUICK | 3)
#define IKEV1_STATE_QUICK_R_COMMIT      (IKEV1_STATE_RESPONDER_QUICK | 4)
#define IKEV1_STATE_QUICK_R_ADDSA       (IKEV1_STATE_RESPONDER_QUICK | IKEV1_STATE_FLAG_VALUE_ADDSA)

extern void fsm_set_state(int *var, int state);
//================================
// Version Agnostic Events
//================================
extern void fsm_api_handle_connect (struct sockaddr_storage *remote, const int connect_mode);
extern void fsm_api_handle_disconnect (struct sockaddr_storage *remote, const char *reason);

extern void fsm_pfkey_handle_acquire (phase2_handle_t *iph2);
extern void fsm_pfkey_getspi_complete (phase2_handle_t *iph2);

extern void fsm_isakmp_initial_pkt (vchar_t *msg, struct sockaddr_storage *local, struct sockaddr_storage *remote);

//================================
// IKEv1 Events
//================================

extern int fsm_ikev1_phase1_process_payloads (phase1_handle_t *iph1, vchar_t *msg);
extern int fsm_ikev1_phase2_process_payloads (phase2_handle_t *iph2, vchar_t *msg);
extern int fsm_ikev1_phase1_send_response(phase1_handle_t *iph1, vchar_t *msg);
extern int fsm_ikev1_phase2_send_response(phase2_handle_t *iph2, vchar_t *msg);


#endif /* _FSM_H */
Commit	Line	Data
65c25746 A	1	/*
	2	* Copyright (c) 2008 Apple Computer, Inc. All rights reserved.
	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* The contents of this file constitute Original Code as defined in and
	7	* are subject to the Apple Public Source License Version 1.1 (the
	8	* "License"). You may not use this file except in compliance with the
	9	* License. Please obtain a copy of the License at
	10	* http://www.apple.com/publicsource and read it before using this file.
	11	*
	12	* This Original Code and all software distributed under the License are
	13	* distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	14	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	15	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	16	* FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
	17	* License for the specific language governing rights and limitations
	18	* under the License.
	19	*
	20	* @APPLE_LICENSE_HEADER_END@
	21	*/
	22
	23	#ifndef _FSM_H
	24	#define _FSM_H
	25
	26	#include <stdlib.h>
	27	#include <sys/types.h>
	28	#include <sys/param.h>
	29	#include <sys/socket.h>
	30
	31	#include "vmbuf.h"
	32	#include "ike_session.h"
	33	#include "handler.h"
	34	#include "strnames.h"
	35	#include "ipsec_xpc.h"
	36
	37	//================================
	38	// Defines
	39	//================================
	40	//
	41
	42	//
	43	// State Flags
	44	//
	45	// bit#
	46	// 0 Ike Version 0 = v1 1= v2
	47	// 1 Expired
	48	// 2 Established
	49	// 3 Negotiating
	50	// 4-5 Ike Phase 1 = Phase1 2 = phase2
	51	// 6 Reserved
	52	// 7 Direction 0 = Initiator 1 = Responder
	53	//
	54
	55	// STATE FLAG MASKS
	56	#define IKE_STATE_MASK_VERSION 0x8000
	57	#define IKE_STATE_MASK_EXPIRED 0x4000
	58	#define IKE_STATE_MASK_ESTABLISHED 0x2000
	59	#define IKE_STATE_MASK_NEGOTIATING 0x1000
	60	#define IKE_STATE_MASK_PHASE 0x0C00
	61	#define IKE_STATE_MASK_XAUTH_OR_EAP_SUCC 0x0200
	62	#define IKE_STATE_MASK_DIRECTION 0x0100
	63	#define IKE_STATE_MASK_MODE 0x00C0
	64	#define IKE_STATE_MASK_STATE 0X003F
65
66	#define IKE_STATE_FLAG_VALUE_IKEV1 0x0000
67	#define IKE_STATE_FLAG_VALUE_IKEV2 0x8000
68	#define IKE_STATE_FLAG_VALUE_EXPIRED 0x4000
69	#define IKE_STATE_FLAG_VALUE_ESTABLISED 0x2000
70	#define IKE_STATE_FLAG_VALUE_NEGOTIATING 0x1000
71	#define IKE_STATE_FLAG_VALUE_PHASE1 0x0400
72	#define IKE_STATE_FLAG_VALUE_PHASE2 0x0800
73	#define IKE_STATE_FLAG_XAUTH_OR_EAP_SUCC 0x0200
74	#define IKE_STATE_FLAG_VALUE_INITIATOR 0x0000
75	#define IKE_STATE_FLAG_VALUE_RESPONDER 0x0100
76
77
78	//================================
79	// MACROS
80	//================================
81
82	#define FSM_STATE_IS_EXPIRED(s) \
83	((s) & IKE_STATE_MASK_EXPIRED)
84
85	#define FSM_STATE_IS_ESTABLISHED(s) \
86	((s) & IKE_STATE_MASK_ESTABLISHED)
87
88	#define FSM_STATE_IS_ESTABLISHED_OR_EXPIRED(s) \
89	(((s) & IKE_STATE_MASK_ESTABLISHED) \| ((s) & IKE_STATE_MASK_EXPIRED))
90
91	#define FSM_STATE_IS_NEGOTIATING(s) \
92	((s) & IKE_STATE_MASK_NEGOTIATING)
93
94	#define FSM_STATE_IS_INITIATOR(s) \
95	((s & IKE_STATE_MASK_DIRECTION) == IKE_STATE_FLAG_VALUE_INITIATOR)
96
97	#define FSM_STATE_IS_RESPONDER(s) \
98	((s & IKE_STATE_MASK_DIRECTION) == IKE_STATE_FLAG_VALUE_RESPONDER)
99
100	//================================
101	// API States
102	//================================
103
104	//================================
105	// IKEv1 States
106	//================================
107
108	#define IKEV1_STATE_FLAG_VALUE_INFO (IKE_STATE_FLAG_VALUE_IKEV1 \| 0x0000)
109	#define IKEV1_STATE_FLAG_VALUE_IDENTMODE (IKE_STATE_FLAG_VALUE_IKEV1 \| 0x0040)
110	#define IKEV1_STATE_FLAG_VALUE_AGGMODE (IKE_STATE_FLAG_VALUE_IKEV1 \| 0x0080)
111	#define IKEV1_STATE_FLAG_VALUE_QUICKMODE (IKE_STATE_FLAG_VALUE_IKEV1 \| 0x00C0)
112
113
114	#define IKEV1_STATE_FLAG_VALUE_SENT 0x0020
115	#define IKEV1_STATE_FLAG_VALUE_SPI 0x0010
116	#define IKEV1_STATE_FLAG_VALUE_ADDSA 0x0008
117
118
119	#define IKEV1_STATE_INITIATOR_IDENT (IKE_STATE_FLAG_VALUE_PHASE1 \| IKE_STATE_MASK_NEGOTIATING \
120	\| IKE_STATE_FLAG_VALUE_INITIATOR \| IKEV1_STATE_FLAG_VALUE_IDENTMODE)
121
122	#define IKEV1_STATE_RESPONDER_IDENT (IKE_STATE_FLAG_VALUE_PHASE1 \| IKE_STATE_MASK_NEGOTIATING \
123	\| IKE_STATE_FLAG_VALUE_RESPONDER \| IKEV1_STATE_FLAG_VALUE_IDENTMODE)
124
125	#define IKEV1_STATE_INITIATOR_AGG (IKE_STATE_FLAG_VALUE_PHASE1 \| IKE_STATE_MASK_NEGOTIATING \
126	\| IKE_STATE_FLAG_VALUE_INITIATOR \| IKEV1_STATE_FLAG_VALUE_AGGMODE)
127
128	#define IKEV1_STATE_RESPONDER_AGG (IKE_STATE_FLAG_VALUE_PHASE1 \| IKE_STATE_MASK_NEGOTIATING \
129	\| IKE_STATE_FLAG_VALUE_RESPONDER \| IKEV1_STATE_FLAG_VALUE_AGGMODE)
130
131	#define IKEV1_STATE_INITIATOR_QUICK (IKE_STATE_FLAG_VALUE_PHASE2 \| IKE_STATE_MASK_NEGOTIATING \
132	\| IKE_STATE_FLAG_VALUE_INITIATOR \| IKEV1_STATE_FLAG_VALUE_QUICKMODE)
133
134	#define IKEV1_STATE_RESPONDER_QUICK (IKE_STATE_FLAG_VALUE_PHASE2 \| IKE_STATE_MASK_NEGOTIATING \
135	\| IKE_STATE_FLAG_VALUE_RESPONDER \| IKEV1_STATE_FLAG_VALUE_QUICKMODE)
136
137
138	#define IKEV1_STATE_PHASE1_ESTABLISHED (IKE_STATE_FLAG_VALUE_IKEV1 \| IKE_STATE_FLAG_VALUE_PHASE1\| IKE_STATE_FLAG_VALUE_ESTABLISED)
139	#define IKEV1_STATE_PHASE2_ESTABLISHED (IKE_STATE_FLAG_VALUE_IKEV1 \| IKE_STATE_FLAG_VALUE_PHASE2\| IKE_STATE_FLAG_VALUE_ESTABLISED)
140	#define IKEV1_STATE_PHASE1_EXPIRED (IKE_STATE_FLAG_VALUE_IKEV1 \| IKE_STATE_FLAG_VALUE_PHASE1\| IKE_STATE_FLAG_VALUE_EXPIRED)
141	#define IKEV1_STATE_PHASE2_EXPIRED (IKE_STATE_FLAG_VALUE_IKEV1 \| IKE_STATE_FLAG_VALUE_PHASE2\| IKE_STATE_FLAG_VALUE_EXPIRED)
142
143	// PHASE 1 INFO
144	#define IKEV1_STATE_INFO (IKE_STATE_FLAG_VALUE_IKEV1 \| IKEV1_STATE_FLAG_VALUE_INFO \| 0x3F)
145
146	// IDENT MODE
147	#define IKEV1_STATE_IDENT_I_START (IKEV1_STATE_INITIATOR_IDENT)
148	#define IKEV1_STATE_IDENT_I_MSG1SENT (IKEV1_STATE_INITIATOR_IDENT \| IKEV1_STATE_FLAG_VALUE_SENT \| 1)
149	#define IKEV1_STATE_IDENT_I_MSG2RCVD (IKEV1_STATE_INITIATOR_IDENT \| 2)
150	#define IKEV1_STATE_IDENT_I_MSG3SENT (IKEV1_STATE_INITIATOR_IDENT \| IKEV1_STATE_FLAG_VALUE_SENT \| 3)
151	#define IKEV1_STATE_IDENT_I_MSG4RCVD (IKEV1_STATE_INITIATOR_IDENT \| 4)
152	#define IKEV1_STATE_IDENT_I_MSG5SENT (IKEV1_STATE_INITIATOR_IDENT \| IKEV1_STATE_FLAG_VALUE_SENT \| 5)
153	#define IKEV1_STATE_IDENT_I_MSG6RCVD (IKEV1_STATE_INITIATOR_IDENT \| 6)
154
155	#define IKEV1_STATE_IDENT_R_START (IKEV1_STATE_RESPONDER_IDENT)
156	#define IKEV1_STATE_IDENT_R_MSG1RCVD (IKEV1_STATE_RESPONDER_IDENT \| 1)
157	#define IKEV1_STATE_IDENT_R_MSG2SENT (IKEV1_STATE_RESPONDER_IDENT \| IKEV1_STATE_FLAG_VALUE_SENT \| 2)
158	#define IKEV1_STATE_IDENT_R_MSG3RCVD (IKEV1_STATE_RESPONDER_IDENT \| 3)
159	#define IKEV1_STATE_IDENT_R_MSG4SENT (IKEV1_STATE_RESPONDER_IDENT \| IKEV1_STATE_FLAG_VALUE_SENT \| 4)
160	#define IKEV1_STATE_IDENT_R_MSG5RCVD (IKEV1_STATE_RESPONDER_IDENT \| 5)
161	// AGG MODE
162	#define IKEV1_STATE_AGG_I_START (IKEV1_STATE_INITIATOR_AGG)
163	#define IKEV1_STATE_AGG_I_MSG1SENT (IKEV1_STATE_INITIATOR_AGG \| IKEV1_STATE_FLAG_VALUE_SENT \| 1)
164	#define IKEV1_STATE_AGG_I_MSG2RCVD (IKEV1_STATE_INITIATOR_AGG \| 2)
165	#define IKEV1_STATE_AGG_I_MSG3SENT (IKEV1_STATE_INITIATOR_AGG \| IKEV1_STATE_FLAG_VALUE_SENT \| 3)
166	#define IKEV1_STATE_AGG_R_START (IKEV1_STATE_RESPONDER_AGG)
167	#define IKEV1_STATE_AGG_R_MSG1RCVD (IKEV1_STATE_RESPONDER_AGG \| 1)
168	#define IKEV1_STATE_AGG_R_MSG2SENT (IKEV1_STATE_RESPONDER_AGG \| IKEV1_STATE_FLAG_VALUE_SENT \| 2)
169	#define IKEV1_STATE_AGG_R_MSG3RCVD (IKEV1_STATE_RESPONDER_AGG \| 3)
170	// QUICK MODE
171	#define IKEV1_STATE_QUICK_I_START (IKEV1_STATE_INITIATOR_QUICK)
172	#define IKEV1_STATE_QUICK_I_GETSPISENT (IKEV1_STATE_INITIATOR_QUICK \| IKEV1_STATE_FLAG_VALUE_SENT \| IKEV1_STATE_FLAG_VALUE_SPI)
173	#define IKEV1_STATE_QUICK_I_GETSPIDONE (IKEV1_STATE_INITIATOR_QUICK \| IKEV1_STATE_FLAG_VALUE_SPI)
174	#define IKEV1_STATE_QUICK_I_MSG1SENT (IKEV1_STATE_INITIATOR_QUICK \| IKEV1_STATE_FLAG_VALUE_SENT \| 1)
175	#define IKEV1_STATE_QUICK_I_MSG2RCVD (IKEV1_STATE_INITIATOR_QUICK \| 2)
176	#define IKEV1_STATE_QUICK_I_MSG3SENT (IKEV1_STATE_INITIATOR_QUICK \| IKEV1_STATE_FLAG_VALUE_SENT \| 3)
177	#define IKEV1_STATE_QUICK_I_ADDSA (IKEV1_STATE_INITIATOR_QUICK \| IKEV1_STATE_FLAG_VALUE_ADDSA)
178	#define IKEV1_STATE_QUICK_R_START (IKEV1_STATE_RESPONDER_QUICK)
179	#define IKEV1_STATE_QUICK_R_MSG1RCVD (IKEV1_STATE_RESPONDER_QUICK \| 1)
180	#define IKEV1_STATE_QUICK_R_GETSPISENT (IKEV1_STATE_RESPONDER_QUICK \| IKEV1_STATE_FLAG_VALUE_SENT \| IKEV1_STATE_FLAG_VALUE_SPI)
181	#define IKEV1_STATE_QUICK_R_GETSPIDONE (IKEV1_STATE_RESPONDER_QUICK \| IKEV1_STATE_FLAG_VALUE_SPI)
182	#define IKEV1_STATE_QUICK_R_MSG2SENT (IKEV1_STATE_RESPONDER_QUICK \| IKEV1_STATE_FLAG_VALUE_SENT \| 2)
183	#define IKEV1_STATE_QUICK_R_MSG3RCVD (IKEV1_STATE_RESPONDER_QUICK \| 3)
184	#define IKEV1_STATE_QUICK_R_COMMIT (IKEV1_STATE_RESPONDER_QUICK \| 4)
185	#define IKEV1_STATE_QUICK_R_ADDSA (IKEV1_STATE_RESPONDER_QUICK \| IKEV1_STATE_FLAG_VALUE_ADDSA)
186
65c25746 A	187	extern void fsm_set_state(int *var, int state);
	188	//================================
	189	// Version Agnostic Events
	190	//================================
	191	extern void fsm_api_handle_connect (struct sockaddr_storage *remote, const int connect_mode);
	192	extern void fsm_api_handle_disconnect (struct sockaddr_storage remote, const char reason);
	193
	194	extern void fsm_pfkey_handle_acquire (phase2_handle_t *iph2);
	195	extern void fsm_pfkey_getspi_complete (phase2_handle_t *iph2);
	196
	197	extern void fsm_isakmp_initial_pkt (vchar_t msg, struct sockaddr_storage local, struct sockaddr_storage *remote);
	198
	199	//================================
	200	// IKEv1 Events
	201	//================================
	202
	203	extern int fsm_ikev1_phase1_process_payloads (phase1_handle_t iph1, vchar_t msg);
	204	extern int fsm_ikev1_phase2_process_payloads (phase2_handle_t iph2, vchar_t msg);
	205	extern int fsm_ikev1_phase1_send_response(phase1_handle_t iph1, vchar_t msg);
	206	extern int fsm_ikev1_phase2_send_response(phase2_handle_t iph2, vchar_t msg);
	207
	208
	209	#endif /* _FSM_H */