Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: lists.freeswan.org > 1998-fall > 98 > 120327.html (Request Expert lists.freeswan.org Support)

linux-ipsec: Pluto structure ideas for DRH

From: Peter Onion <Peter.Onion(at)btinternet.com>
Date: Wed Dec 23 1998 - 15:17:12 EST

I'm a fan of Finite State Machines for protocols.

There is far to much of the "state flow" hard coded into the individual state handlers (eg main_inI1_outR1 or main_inR1_outI2). The ordering of payloads is hardcoded , but I don't think the rfcs say they MUST come in any particular order.

How about a state machine that is driven by reception of each ISAKMP Payload ? The final "NONE" payload can then check that the required payloads have been recieved and compose the reply.

Also I think it will allow for features such as communication with a  "Certificate Daemon" or other asynch processes (Secure DNS ??) easier as their responses can be handled by defining them generate suitable events ( Note that I've not quite thort this all the way through yet).

I'm going to have a go at drawing a state transition diagram to see if it makes things easier to understand. I'm not sure if I want a finer state granularity than is currently used (ie does each invividual payload alter the main state or just set a bit in a flag to say that that particular payload type has been recieved).

Hope this is helpful (to somebody :-)

Marry Xmas ... Peter Onion.


E-Mail: Peter Onion <Peter.Onion@btinternet.com> Date: 23-Dec-98
Time: 20:01:25
Do you need help?X

This message was sent by XFMail

Received on Wed Dec 23 15:40:19 1998

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 12:59:09 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library