ipsec-317.220.1.tar.gz
[apple/ipsec.git] / ipsec-tools / racoon / ike_session.h
index 4d4854c7d6ae335e1958ed74d64ea92e94212e8a..2aa10761135c35ea2233484716cbfe03139b5fd4 100644 (file)
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <sys/param.h>
-#ifdef __APPLE__
-#include <System/net/pfkeyv2.h>
-#else
 #include <net/pfkeyv2.h>
-#endif
 #include <netinet/in.h>
+#include <dispatch/dispatch.h>
 #include "handler.h"
 #include "ipsecSessionTracer.h"
 
-#define IKE_VERSION_1                                  0x1
-#define IKE_VERSION_2                                  0x2
-
 typedef struct ike_session_id {
        struct sockaddr_storage local;
        struct sockaddr_storage remote;
@@ -52,20 +46,17 @@ typedef struct ike_session_ikev1 {
        /* list of ph1s */
        int                                  active_ph1cnt;
        int                                  ph1cnt;    /* the number which is negotiated for this session */
-       LIST_HEAD(_ph1ofsession_, ph1handle) ph1tree;
-       
        /* list of ph2s */
        int                                  active_ph2cnt;
        int                                  ph2cnt;    /* the number which is negotiated for this session */
-       LIST_HEAD(_ph2ofsession_, ph2handle) ph2tree;
 } ike_session_ikev1_t;
 
 typedef struct ike_session_sastats {
     int                                  interv_mon;
     int                                  interv_idle;
     int                                  dir_idle;
-    struct sched                        *sc_mon;
-    struct sched                        *sc_idle;
+    schedule_ref                         sc_mon;
+    schedule_ref                         sc_idle;
 
     u_int32_t                            num_in_curr_req;
     u_int32_t                            num_in_last_poll;
@@ -79,7 +70,6 @@ typedef struct ike_session_sastats {
 } ike_sesssion_sastats_t;
 
 struct ike_session {
-       u_int8_t                             version;           /* mask of version flags */
        u_int8_t                                             mode;                      /* mode of protocol, see ipsec.h */
        u_int16_t                            proto;                     /* IPPROTO_ESP or IPPROTO_AH */
 
@@ -95,9 +85,13 @@ struct ike_session {
     int                                  peer_sent_data_sc_idle:1;
     int                                  i_sent_data_sc_dpd:1;
     int                                  i_sent_data_sc_idle:1;
-    int                                         is_client:1;
+    int                                  is_client:1;
     time_t                               last_time_data_sc_detected;
+    int                                  controller_awaiting_peer_resp:1;
+    int                                  is_dying:1;
+    int                                  is_asserted:1;
     u_int32_t                            natt_flags;
+       u_int32_t                            natt_version;
        char                                *term_reason;
 
        struct timeval                                           start_timestamp;
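Review bot: The three flags added around `last_time_data_sc_detected` (`controller_awaiting_peer_resp`, `is_dying`, `is_asserted`) are declared as `int ...:1`, and whether a plain-`int` bit-field is signed is implementation-defined. Where it is signed, a flag that has been set reads back as -1, so a test written as `session->is_dying == 1` would never be true and a dying session could be treated as live. Declaring them as `unsigned int is_dying:1;` (and likewise the other two) removes that trap. The older flags above use the same `int` form, and `struct ike_session` begins and ends outside this hunk, so how these flags are tested is not visible here.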
@@ -108,52 +102,81 @@ struct ike_session {
        ike_session_stats_t                                      stats;
 
     ike_sesssion_sastats_t               traffic_monitor;
-    struct sched                        *sc_idle;
-    struct sched                        *sc_xauth;
+    schedule_ref                         sc_idle;
+    schedule_ref                         sc_xauth;
+    
+    LIST_HEAD(_ph1tree_, phase1handle)   ph1tree;
+    LIST_HEAD(_ph2tree_, phase2handle)   ph2tree;
 
        LIST_ENTRY(ike_session)              chain;
 };
 
+typedef enum ike_session_rekey_type {
+       IKE_SESSION_REKEY_TYPE_NONE = 0,
+       IKE_SESSION_REKEY_TYPE_PH1,
+       IKE_SESSION_REKEY_TYPE_PH2,
+} ike_session_rekey_type_t;
+
 extern const char *    ike_session_stopped_by_vpn_disconnect;
+extern const char *    ike_session_stopped_by_controller_comm_lost;
 extern const char *    ike_session_stopped_by_flush;
-
-extern void               ike_session_init __P((void));
-extern ike_session_t *   ike_session_get_session __P((struct sockaddr *, struct sockaddr *, int));
-extern u_int              ike_session_get_rekey_lifetime __P((int, u_int));
-extern void               ike_session_update_mode __P((struct ph2handle *iph2));
-extern int                ike_session_link_ph1_to_session __P((struct ph1handle *));
-extern int                ike_session_link_ph2_to_session __P((struct ph2handle *));
-extern int                ike_session_unlink_ph1_from_session __P((struct ph1handle *));
-extern int                ike_session_unlink_ph2_from_session __P((struct ph2handle *));
-extern int                ike_session_has_other_established_ph1 __P((ike_session_t *, struct ph1handle *));
-extern int                ike_session_has_other_negoing_ph1 __P((ike_session_t *, struct ph1handle *));
-extern int                ike_session_has_other_established_ph2 __P((ike_session_t *, struct ph2handle *));
-extern int                ike_session_has_other_negoing_ph2 __P((ike_session_t *, struct ph2handle *));
-extern int                ike_session_verify_ph2_parent_session __P((struct ph2handle *));
-extern struct ph1handle * ike_session_update_ph1_ph2tree __P((struct ph1handle *));
-extern struct ph1handle * ike_session_update_ph2_ph1bind __P((struct ph2handle *));
-extern void               ike_session_ikev1_float_ports __P((struct ph1handle *));
-extern void               ike_session_ph2_established __P((struct ph2handle *));
-extern void               ike_session_cleanup_other_established_ph1s __P((ike_session_t *, struct ph1handle *));
-extern void               ike_session_cleanup_other_established_ph2s __P((ike_session_t *, struct ph2handle *));
-extern void                              ike_session_stopped_by_controller __P((ike_session_t *, const char *));
-extern void                              ike_sessions_stopped_by_controller __P((struct sockaddr *, int, const char *));
-extern void               ike_session_purge_ph2s_by_ph1 __P((struct ph1handle *));
-extern struct ph1handle * ike_session_get_established_ph1 __P((ike_session_t *));
-extern void               ike_session_update_ph2_ports __P((struct ph2handle *));
-extern u_int32_t          ike_session_get_sas_for_stats __P((ike_session_t *, u_int8_t, u_int32_t *, struct sastat  *, u_int32_t));
-extern void               ike_session_update_traffic_idle_status __P((ike_session_t *, u_int32_t, struct sastat *, u_int32_t));
-extern void               ike_session_cleanup __P((ike_session_t *, const char *));
-extern int                ike_session_has_negoing_ph1 __P((ike_session_t *));
-extern int                ike_session_has_negoing_ph2 __P((ike_session_t *));
-extern int                ike_session_has_established_ph2 __P((ike_session_t *));
-extern void               ike_session_cleanup_ph1s_by_ph2 __P((struct ph2handle *));
-extern int                ike_session_is_client_ph2_rekey __P((struct ph2handle *));
-extern int                ike_session_is_client_ph1_rekey __P((struct ph1handle *));
-extern void               ike_session_start_xauth_timer __P((struct ph1handle *));
-extern void               ike_session_stop_xauth_timer __P((struct ph1handle *));
-extern int                ike_session_get_sainfo_r __P((struct ph2handle *));
-extern int                ike_session_drop_rekey __P((ike_session_t *));
-extern void               ike_session_ph2_retransmits __P((struct ph2handle *));
+extern const char *    ike_session_stopped_by_sleepwake;
+extern const char *    ike_session_stopped_by_assert;
+extern const char * ike_session_stopped_by_peer;
+
+extern void               ike_session_init (void);
+extern ike_session_t *    ike_session_create_session (ike_session_id_t *session_id);
+extern void               ike_session_release_session (ike_session_t *session);
+extern ike_session_t *   ike_session_get_session (struct sockaddr_storage *, struct sockaddr_storage *, int, isakmp_index *);
+extern u_int              ike_session_get_rekey_lifetime (int, u_int);
+extern void               ike_session_update_mode (phase2_handle_t *iph2);
+extern int                ike_session_link_phase1 (ike_session_t *, phase1_handle_t *);
+extern int                ike_session_link_phase2 (ike_session_t *, phase2_handle_t *);
+extern int                ike_session_link_ph2_to_ph1 (phase1_handle_t *, phase2_handle_t *);
+extern int                ike_session_unlink_phase1 (phase1_handle_t *);
+extern int                ike_session_unlink_phase2 (phase2_handle_t *);
+extern int                ike_session_has_other_established_ph1 (ike_session_t *, phase1_handle_t *);
+extern int                ike_session_has_other_negoing_ph1 (ike_session_t *, phase1_handle_t *);
+extern int                ike_session_has_other_established_ph2 (ike_session_t *, phase2_handle_t *);
+extern int                ike_session_has_other_negoing_ph2 (ike_session_t *, phase2_handle_t *);
+extern phase1_handle_t  * ike_session_update_ph1_ph2tree (phase1_handle_t *);
+extern phase1_handle_t  * ike_session_update_ph2_ph1bind (phase2_handle_t *);
+extern void               ike_session_ikev1_float_ports (phase1_handle_t *);
+extern void               ike_session_ph2_established (phase2_handle_t *);
+extern void               ike_session_replace_other_ph1 (phase1_handle_t *, phase1_handle_t *);
+extern void               ike_session_cleanup_other_established_ph1s (ike_session_t *, phase1_handle_t *);
+extern void               ike_session_cleanup_other_established_ph2s (ike_session_t *, phase2_handle_t *);
+extern void                              ike_session_stopped_by_controller (ike_session_t *, const char *);
+extern void                              ike_sessions_stopped_by_controller (struct sockaddr_storage *, int, const char *);
+extern void               ike_session_purge_ph2s_by_ph1 (phase1_handle_t *);
+extern void               ike_session_purge_ph1s_by_session (ike_session_t *session);
+extern phase1_handle_t  * ike_session_get_established_ph1 (ike_session_t *);
+extern phase1_handle_t *  ike_session_get_established_or_negoing_ph1 (ike_session_t *);
+extern void               ike_session_update_ph2_ports (phase2_handle_t *);
+extern u_int32_t          ike_session_get_sas_for_stats (ike_session_t *, u_int8_t, u_int32_t *, struct sastat  *, u_int32_t);
+extern void               ike_session_update_traffic_idle_status (ike_session_t *, u_int32_t, struct sastat *, u_int32_t);
+extern void               ike_session_cleanup (ike_session_t *, const char *);
+extern int                ike_session_has_negoing_ph1 (ike_session_t *);
+extern int                ike_session_has_established_ph1 (ike_session_t *);
+extern int                ike_session_has_negoing_ph2 (ike_session_t *);
+extern int                ike_session_has_established_ph2 (ike_session_t *);
+extern void               ike_session_cleanup_ph1s_by_ph2 (phase2_handle_t *);
+extern int                ike_session_is_client_ph2_rekey (phase2_handle_t *);
+extern int                ike_session_is_client_ph1_rekey (phase1_handle_t *);
+extern int                ike_session_is_client_ph1 (phase1_handle_t *);
+extern int                ike_session_is_client_ph2 (phase2_handle_t *);
+extern void               ike_session_start_xauth_timer (phase1_handle_t *);
+extern void               ike_session_stop_xauth_timer (phase1_handle_t *);
+extern int                ike_session_get_sainfo_r (phase2_handle_t *);
+extern int                ike_session_get_proposal_r (phase2_handle_t *);
+extern void               ike_session_update_natt_version (phase1_handle_t *);
+extern int                ike_session_get_natt_version (phase1_handle_t *);
+extern int                ike_session_drop_rekey (ike_session_t *, ike_session_rekey_type_t);
+extern void               ike_session_sweep_sleepwake (void);
+extern int                ike_session_assert (struct sockaddr_storage *, struct sockaddr_storage *);
+extern int                ike_session_assert_session (ike_session_t *);
+extern void               ike_session_unbindph12(phase2_handle_t *);  
+extern void               ike_session_ph2_retransmits (phase2_handle_t *);
+extern void               ike_session_ph1_retransmits (phase1_handle_t *);
 
 #endif /* _IKE_SESSION_H */
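Review bot: `ike_session_create_session` and `ike_session_release_session` are declared with no statement of ownership, even though this hunk also moves `ph1tree` and `ph2tree` into `struct ike_session`. The header therefore does not say whether release frees the session while phase 1 or phase 2 handles are still linked to it. A comment block above the two prototypes should say who may call release and whether handles must first be unlinked or purged (`ike_session_unlink_phase1`, `ike_session_unlink_phase2`, `ike_session_purge_ph1s_by_session`). It should also say whether a session with `is_dying` set can still be returned by `ike_session_get_session`, since a stale session pointer kept by a handle is the failure such a contract guards against. Separately, `ike_session_get_natt_version` returns `int` while the `natt_version` field added to the struct is `u_int32_t`; if the getter simply reads that field, `extern u_int32_t ike_session_get_natt_version (phase1_handle_t *);` would avoid a signed/unsigned conversion.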