sync/gen_statemachine.ysl2
author Volker Birk <vb@pep.foundation>
Thu, 23 Aug 2018 20:40:37 +0200
branchsync
changeset 2890 93370e9026b1
parent 2889 683eba0e3d81
child 2891 adf0103397e4
permissions -rw-r--r--
test for encryption and trust when receiving messages
krista@2271
     1
// This file is under GNU General Public License 3.0
krista@2271
     2
// see LICENSE.txt
krista@2271
     3
krista@2271
     4
// generate state machine code
krista@2271
     5
vb@2840
     6
// Copyleft (c) 2016 - 2018, p≡p foundation
krista@2271
     7
krista@2271
     8
// Written by Volker Birk
krista@2271
     9
krista@2271
    10
include yslt.yml2
krista@2271
    11
krista@2271
    12
tstylesheet {
krista@2271
    13
    include standardlib.ysl2
krista@2271
    14
    include ./functions.ysl2
krista@2271
    15
krista@2271
    16
    template "/protocol" {
vb@2838
    17
        document "generated/{@name}_event.h", "text"
vb@2838
    18
        ||
vb@2838
    19
        // This file is under GNU General Public License 3.0
vb@2838
    20
        // see LICENSE.txt
vb@2838
    21
vb@2838
    22
        #pragma once
vb@2838
    23
vb@2838
    24
        #include "dynamic_api.h"
vb@2838
    25
vb@2838
    26
        #ifdef __cplusplus
vb@2838
    27
        extern "C" {
vb@2838
    28
        #endif
vb@2838
    29
vb@2847
    30
        #include "«@name».h"
vb@2838
    31
vb@2838
    32
vb@2847
    33
        typedef struct «@name»_event {
vb@2838
    34
            «@name»_PR fsm;
vb@2838
    35
            int event;
vb@2838
    36
            «@name»_t *msg;
vb@2838
    37
        } «@name»_event_t;
vb@2838
    38
vb@2838
    39
 
vb@2838
    40
        // new_«@name»_event() - allocate a new «@name»_event
vb@2838
    41
        //
vb@2838
    42
        //  parameters:
vb@2838
    43
        //      fsm (in)        finite state machine the event is for
vb@2838
    44
        //      event (in)      event or None
vb@2838
    45
        //      msg (in)        message to compute event from
vb@2838
    46
        //
vb@2838
    47
        //  return value:
vb@2838
    48
        //      pointer to new event or NULL in case of failure
vb@2838
    49
        //
vb@2838
    50
        //  caveat:
vb@2838
    51
        //      event must be valid for fsm or None
vb@2838
    52
        //      in case msg is given event will be calculated out of message
vb@2838
    53
vb@2838
    54
        DYNAMIC_API «@name»_event_t *new_«@name»_event(«@name»_PR fsm, int event, «@name»_t *msg);
vb@2838
    55
vb@2838
    56
vb@2838
    57
        // free_«@name»_event() - free memory occupied by event
vb@2838
    58
        //
vb@2838
    59
        //  parameters:
vb@2838
    60
        //      ev (in)         event to free
vb@2838
    61
vb@2838
    62
        DYNAMIC_API void free_«@name»_event(«@name»_event_t *ev);
vb@2838
    63
vb@2838
    64
vb@2838
    65
        #ifdef __cplusplus
vb@2838
    66
        }
vb@2838
    67
        #endif
vb@2838
    68
vb@2838
    69
        ||
vb@2838
    70
vb@2838
    71
        document "generated/{@name}_event.c", "text"
vb@2838
    72
        ||
vb@2838
    73
        // This file is under GNU General Public License 3.0
vb@2838
    74
        // see LICENSE.txt
vb@2838
    75
vb@2838
    76
        #include "pEp_internal.h"
vb@2838
    77
        #include "«@name»_event.h"
vb@2838
    78
        #include "«@name»_func.h"
vb@2839
    79
        `` for "fsm" | #include "«@name»_fsm.h"
vb@2838
    80
vb@2838
    81
        DYNAMIC_API «@name»_event_t *new_«@name»_event(«@name»_PR fsm, int event, «@name»_t *msg)
vb@2838
    82
        {
vb@2838
    83
            assert(fsm > 0 && (event >= 0 |`> |` msg));
vb@2838
    84
            if (!(fsm > 0 && (event >= 0 |`> |` msg)))
vb@2838
    85
                return NULL;
vb@2838
    86
vb@2838
    87
            «@name»_event_t *ev = («@name»_event_t *) calloc(1, sizeof(«@name»_event_t));
vb@2838
    88
            assert(ev);
vb@2838
    89
            if (!ev)
vb@2838
    90
                return NULL;
vb@2838
    91
vb@2838
    92
            ev->fsm = fsm;
vb@2838
    93
            ev->event = event;
vb@2838
    94
            ev->msg = msg;
vb@2838
    95
vb@2838
    96
            if (msg) {
vb@2838
    97
                switch (fsm) {
vb@2838
    98
                    `` apply "fsm", 3, mode=event
vb@2838
    99
                    default:
vb@2838
   100
                        // unknown protocol
vb@2838
   101
                        free(ev);
vb@2838
   102
                        return NULL;
vb@2838
   103
                }
vb@2838
   104
            }
vb@2838
   105
vb@2838
   106
            return ev;
vb@2838
   107
        }
vb@2838
   108
vb@2838
   109
        DYNAMIC_API void free_«@name»_event(«@name»_event_t *ev)
vb@2838
   110
        {
vb@2838
   111
            if (ev) {
vb@2838
   112
                free_«@name»_message(ev->msg);
vb@2838
   113
                free(ev);
vb@2838
   114
            }
vb@2838
   115
        }
vb@2838
   116
vb@2838
   117
        ||
vb@2838
   118
vb@2829
   119
        document "generated/{@name}_impl.h", "text" {
vb@2870
   120
            ||
vb@2870
   121
            // This file is under GNU General Public License 3.0
vb@2870
   122
            // see LICENSE.txt
krista@2271
   123
vb@2870
   124
            #pragma once
krista@2271
   125
vb@2870
   126
            #include "fsm_common.h"
vb@2889
   127
            #include "«@name»_event.h"
vb@2870
   128
            #include "message_api.h"
vb@2870
   129
            
vb@2870
   130
            #ifdef __cplusplus
vb@2870
   131
            extern "C" {
vb@2870
   132
            #endif
krista@2271
   133
vb@2870
   134
            // conditions
krista@2271
   135
vb@2870
   136
            ||
vb@2870
   137
            for "func:distinctName(*//condition)"
vb@2870
   138
                | PEP_STATUS «@name»(PEP_SESSION session, bool *result);
vb@2870
   139
            ||
vb@2834
   140
vb@2870
   141
            // actions
vb@2829
   142
vb@2870
   143
            ||
vb@2870
   144
            for "func:distinctName(*//action)"
vb@2870
   145
                | PEP_STATUS «@name»(PEP_SESSION session);
vb@2870
   146
            ||
vb@2829
   147
vb@2870
   148
            // send message about an event to communication partners using state
vb@2829
   149
vb@2870
   150
            PEP_STATUS send_«@name»_message(
vb@2870
   151
                    PEP_SESSION session, 
vb@2870
   152
                    «@name»_PR fsm,
vb@2870
   153
                    int message_type
vb@2870
   154
                );
vb@2829
   155
vb@2870
   156
            // receive message and store it in state
vb@2829
   157
vb@2870
   158
            PEP_STATUS recv_«@name»_event(
vb@2870
   159
                    PEP_SESSION session,
vb@2870
   160
                    «@name»_event_t *ev
vb@2870
   161
                );
vb@2870
   162
        
vb@2870
   163
            // state machine driver
vb@2870
   164
            // if fsm or event set to 0 use fields in src if present
vb@2829
   165
vb@2870
   166
            PEP_STATUS «@name»_driver(
vb@2870
   167
                    PEP_SESSION session,
vb@2870
   168
                    «@name»_PR fsm,
vb@2870
   169
                    int event
vb@2870
   170
                );
vb@2829
   171
vb@2888
   172
            // API being used by the engine internally
vb@2888
   173
vb@2888
   174
            // call this if you need to signal an external event
vb@2888
   175
vb@2880
   176
            PEP_STATUS signal_«@name»_event(
vb@2870
   177
                    PEP_SESSION session, 
vb@2870
   178
                    «@name»_PR fsm,
vb@2870
   179
                    int event
vb@2870
   180
                );
vb@2888
   181
            
vb@2889
   182
            // call this if you are a transport and are receiving
vb@2889
   183
            // a «@name» message
vb@2829
   184
vb@2888
   185
            PEP_STATUS signal_«@name»_message(
vb@2888
   186
                    PEP_SESSION session, 
vb@2888
   187
                    PEP_rating rating,
vb@2888
   188
                    const char *data,
vb@2888
   189
                    size_t size
vb@2888
   190
                );
vb@2829
   191
vb@2870
   192
            #ifdef __cplusplus
vb@2870
   193
            }
vb@2870
   194
            #endif
vb@2829
   195
vb@2870
   196
            ||
vb@2829
   197
        }
vb@2829
   198
vb@2870
   199
        document "generated/{@name}_impl.c", "text" {
vb@2870
   200
            ||
vb@2870
   201
            // This file is under GNU General Public License 3.0
vb@2870
   202
            // see LICENSE.txt
vb@2870
   203
        
vb@2870
   204
            #include "«@name»_impl.h"
vb@2870
   205
            #include "pEp_internal.h"
vb@2870
   206
            #include "«@name»_event.h"
vb@2870
   207
            #include "«@name»_codec.h"
vb@2870
   208
            #include "baseprotocol.h"
vb@2870
   209
            `` for "fsm" | #include "«@name»_fsm.h"
vb@2829
   210
vb@2870
   211
            PEP_STATUS «@name»_driver(
vb@2870
   212
                    PEP_SESSION session,
vb@2870
   213
                    «@name»_PR fsm,
vb@2870
   214
                    int event
vb@2870
   215
                )
vb@2870
   216
            {
vb@2870
   217
                assert(session && fsm);
vb@2870
   218
                if (!(session && fsm))
vb@2870
   219
                    return PEP_ILLEGAL_VALUE;
vb@2829
   220
vb@2870
   221
                int next_state = None;
vb@2870
   222
                do {
vb@2870
   223
                    switch (fsm) {
vb@2870
   224
                        `` apply "fsm", 3, mode=driver               
vb@2870
   225
                        default:
vb@2870
   226
                            return PEP_ILLEGAL_VALUE;
vb@2870
   227
                    }
vb@2870
   228
                }  while (next_state);
vb@2829
   229
vb@2870
   230
                return PEP_STATUS_OK;
vb@2829
   231
            }
vb@2829
   232
vb@2880
   233
            PEP_STATUS signal_«@name»_event(
vb@2870
   234
                    PEP_SESSION session, 
vb@2870
   235
                    «@name»_PR fsm,
vb@2870
   236
                    int event
vb@2870
   237
                )
vb@2870
   238
            {
vb@2870
   239
                «@name»_t *msg = NULL;
vb@2870
   240
                «@name»_event_t *ev = NULL;
vb@2870
   241
vb@2870
   242
                assert(session && fsm > 0 && event > None);
vb@2870
   243
                if (!(session && fsm > 0 && event > None))
vb@2870
   244
                    return PEP_ILLEGAL_VALUE;
vb@2870
   245
vb@2870
   246
                PEP_STATUS status = PEP_STATUS_OK;
vb@2870
   247
vb@2888
   248
                if (!session->inject_«yml:lcase(@name)»_event)
vb@2888
   249
                   return PEP_«yml:ucase(@name)»_NO_INJECT_CALLBACK;
vb@2870
   250
vb@2870
   251
                if (event < Extra) {
vb@2870
   252
                    msg = new_«@name»_message(fsm, event);
vb@2870
   253
                    if (!msg) {
vb@2870
   254
                        status = PEP_OUT_OF_MEMORY;
vb@2888
   255
                        goto the_end;
vb@2870
   256
                    }
vb@2870
   257
vb@2870
   258
                    status = update_«@name»_message(session, msg);
vb@2870
   259
                    if (status)
vb@2888
   260
                        goto the_end;
vb@2870
   261
                }
vb@2870
   262
vb@2888
   263
                ev = new_«@name»_event(fsm, event, msg);
vb@2870
   264
                if (!ev) {
vb@2870
   265
                    status = PEP_OUT_OF_MEMORY;
vb@2888
   266
                    goto the_end;
vb@2870
   267
                }
vb@2870
   268
vb@2870
   269
                int result = session->inject_«yml:lcase(@name)»_event(ev,
vb@2870
   270
                        session->«yml:lcase(@name)»_management);
vb@2870
   271
                if (result) {
vb@2870
   272
                    status = PEP_STATEMACHINE_ERROR;
vb@2888
   273
                    goto the_end;
vb@2870
   274
                }
vb@2888
   275
                return PEP_STATUS_OK;
vb@2870
   276
vb@2870
   277
            the_end:
vb@2888
   278
                free_«@name»_event(ev);
vb@2888
   279
                free_«@name»_message(msg);
vb@2870
   280
                return status;
vb@2870
   281
            }
vb@2870
   282
vb@2888
   283
            PEP_STATUS signal_«@name»_message(
vb@2870
   284
                    PEP_SESSION session, 
vb@2888
   285
                    PEP_rating rating,
vb@2888
   286
                    const char *data,
vb@2888
   287
                    size_t size
vb@2870
   288
                )
vb@2870
   289
            {
vb@2888
   290
                assert(session && data && size);
vb@2888
   291
                if (!(session && data && size))
vb@2870
   292
                    return PEP_ILLEGAL_VALUE;
vb@2870
   293
vb@2888
   294
                if (!session->inject_«yml:lcase(@name)»_event)
vb@2888
   295
                   return PEP_«yml:ucase(@name)»_NO_INJECT_CALLBACK;
vb@2870
   296
vb@2888
   297
                «@name»_t *msg = NULL;
vb@2888
   298
                PEP_STATUS status = decode_«@name»_message(data, size, &msg);
vb@2888
   299
                if (status)
vb@2888
   300
                    return status;
vb@2888
   301
vb@2890
   302
                «@name»_event_t *ev = NULL;
vb@2890
   303
vb@2890
   304
                switch (msg->present) {
vb@2890
   305
                    `` apply "fsm", 2, mode=signal_message
vb@2890
   306
                    default:
vb@2890
   307
                        status = PEP_«yml:ucase(@name)»_ILLEGAL_MESSAGE;
vb@2890
   308
                        goto the_end;
vb@2890
   309
                }
vb@2890
   310
vb@2890
   311
                ev = new_«@name»_event(None, None, msg);
vb@2888
   312
                if (!ev) {
vb@2829
   313
                    status = PEP_OUT_OF_MEMORY;
vb@2888
   314
                    goto the_end;
vb@2829
   315
                }
vb@2829
   316
vb@2888
   317
                int result = session->inject_«yml:lcase(@name)»_event(ev,
vb@2888
   318
                        session->«yml:lcase(@name)»_management);
vb@2888
   319
                if (result) {
vb@2888
   320
                    status = PEP_STATEMACHINE_ERROR;
vb@2888
   321
                    goto the_end;
vb@2888
   322
                }
vb@2888
   323
                return PEP_STATUS_OK;
vb@2868
   324
vb@2870
   325
            the_end:
vb@2888
   326
                free_«@name»_event(ev);
vb@2888
   327
                free_«@name»_message(msg);
vb@2870
   328
                return status;
vb@2868
   329
            }
vb@2841
   330
vb@2870
   331
            PEP_STATUS send_«@name»_message(
vb@2870
   332
                    PEP_SESSION session, 
vb@2870
   333
                    «@name»_PR fsm,
vb@2870
   334
                    int message_type
vb@2870
   335
                )
vb@2870
   336
            {
vb@2870
   337
                PEP_STATUS status = PEP_STATUS_OK;
vb@2870
   338
vb@2870
   339
                assert(session && fsm > None && message_type > None);
vb@2870
   340
                if (!(session && fsm > None && message_type > None))
vb@2870
   341
                    return PEP_ILLEGAL_VALUE;
vb@2870
   342
                
vb@2870
   343
                «@name»_t *msg = new_«@name»_message(fsm, message_type);
vb@2870
   344
                if (!msg)
vb@2870
   345
                    return PEP_OUT_OF_MEMORY;
vb@2870
   346
vb@2870
   347
                char *data = NULL;
vb@2870
   348
                message *m = NULL;
vb@2870
   349
                identity_list *channels = NULL;
vb@2870
   350
vb@2870
   351
                status = update_«@name»_message(session, msg);
vb@2870
   352
                if (status)
vb@2870
   353
                    goto the_end;
vb@2870
   354
vb@2870
   355
                size_t size = 0;
vb@2870
   356
                status = encode_«@name»_message(msg, &data, &size);
vb@2870
   357
                if (status)
vb@2870
   358
                    goto the_end;
vb@2840
   359
vb@2870
   360
                switch (message_type) {
vb@2871
   361
                    // these messages are being broadcasted
vb@2877
   362
                    `` for "fsm/message[@type='broadcast']" |>> case «../@name»__payload_PR_«yml:mixedCase(@name)»:
vb@2871
   363
                        status = _own_identities_retrieve(session, &channels, PEP_idf_not_for_«yml:lcase(@name)»);
vb@2875
   364
                        if (status)
vb@2870
   365
                            goto the_end;
vb@2871
   366
vb@2871
   367
                        if (!(channels && channels->ident)) {
vb@2871
   368
                            status = PEP_«yml:ucase(@name)»_NO_CHANNEL;
vb@2871
   369
                            goto the_end;
vb@2871
   370
                        }
vb@2870
   371
                        break;
vb@2829
   372
vb@2877
   373
                    // these go anycast; previously used address is sticky (unicast)
vb@2877
   374
                    `` for "fsm/message[@type='anycast']" |>> case «../@name»__payload_PR_«yml:mixedCase(@name)»:
vb@2870
   375
                        if (!session->«yml:lcase(@name)»_state.common.from `> |`|
vb@2870
   376
                            (session->«yml:lcase(@name)»_state.common.from->flags &
vb@2871
   377
                            PEP_idf_not_for_«yml:lcase(@name)»)) {
vb@2870
   378
vb@2870
   379
                            // no address available yet, try to find one
vb@2871
   380
                            status = _own_identities_retrieve(session, &channels, PEP_idf_not_for_«yml:lcase(@name)»);
vb@2870
   381
                            if (!status)
vb@2870
   382
                                goto the_end;
vb@2870
   383
                            break;
vb@2829
   384
vb@2870
   385
                            if (channels && channels->ident) {
vb@2870
   386
                                // only need the first one
vb@2870
   387
                                free_identity_list(channels->next);
vb@2870
   388
                                channels->next = NULL;
vb@2870
   389
                            }
vb@2870
   390
                            else {
vb@2871
   391
                                status = PEP_«yml:ucase(@name)»_NO_CHANNEL;
vb@2870
   392
                                goto the_end;
vb@2870
   393
                            }
vb@2870
   394
                        }
vb@2870
   395
                        else {
vb@2870
   396
                            pEp_identity *channel = identity_dup(session->«yml:lcase(@name)»_state.common.from);
vb@2870
   397
                            if (!channel) {
vb@2870
   398
                                status = PEP_OUT_OF_MEMORY;
vb@2870
   399
                                goto the_end;
vb@2870
   400
                            }
vb@2829
   401
vb@2870
   402
                            channels = new_identity_list(channel);
vb@2870
   403
                            if (!channels) {
vb@2870
   404
                                status = PEP_OUT_OF_MEMORY;
vb@2870
   405
                                goto the_end;
vb@2870
   406
                            }
vb@2870
   407
                        }
vb@2877
   408
vb@2877
   409
                    default:
vb@2877
   410
                        status = PEP_«yml:ucase(@name)»_ILLEGAL_MESSAGE;
vb@2877
   411
                        goto the_end;
vb@2829
   412
                }
vb@2870
   413
vb@2870
   414
                for (identity_list *li = channels; li && li->ident ; li = li->next) {
vb@2878
   415
                    message *_m = NULL;
vb@2878
   416
vb@2870
   417
                    status = base_prepare_message(
vb@2870
   418
                            li->ident,
vb@2870
   419
                            li->ident,
vb@2870
   420
                            data,
vb@2870
   421
                            size,
vb@2878
   422
                            &_m
vb@2870
   423
                        );
vb@2870
   424
                    if (status)
vb@2870
   425
                        goto the_end;
vb@2875
   426
                    data = NULL;
vb@2875
   427
vb@2878
   428
                    switch (message_type) {
vb@2878
   429
                    `` for "fsm/message[@security='unencrypted']" |>>> case «../@name»__payload_PR_«yml:mixedCase(@name)»:
vb@2878
   430
                            m = _m;
vb@2878
   431
                            break;
vb@2878
   432
vb@2878
   433
                        default:
vb@2878
   434
                            status = encrypt_message(session, _m, NULL, &m, PEP_enc_PEP, 0);
vb@2879
   435
                            if (status) {
vb@2879
   436
                                status = PEP_SYNC_CANNOT_ENCRYPT;
vb@2878
   437
                                goto the_end;
vb@2879
   438
                            }
vb@2878
   439
                            free_message(_m);
vb@2878
   440
                    }
vb@2878
   441
vb@2870
   442
                    status = session->messageToSend(session->«yml:lcase(@name)»_obj, m);
vb@2870
   443
                    m = NULL;
vb@2829
   444
                }
vb@2870
   445
vb@2870
   446
            the_end:
vb@2870
   447
                free_identity_list(channels);
vb@2870
   448
                free_message(m);
vb@2870
   449
                free(data);
vb@2870
   450
                free_«@name»_message(msg);
vb@2870
   451
                return status;
vb@2829
   452
            }
vb@2829
   453
vb@2870
   454
            PEP_STATUS recv_«@name»_event(
vb@2870
   455
                    PEP_SESSION session,
vb@2870
   456
                    «@name»_event_t *ev
vb@2870
   457
                )
vb@2870
   458
            {
vb@2870
   459
                assert(session && ev);
vb@2870
   460
                if (!(session && ev))
vb@2870
   461
                    return PEP_ILLEGAL_VALUE;
vb@2870
   462
vb@2870
   463
                PEP_STATUS status = PEP_STATUS_OK;
vb@2888
   464
                «@name»_PR fsm = (int) None;
vb@2888
   465
                int event = None;
vb@2870
   466
vb@2870
   467
                if (ev->event < Extra) {
vb@2870
   468
                    status = update_«@name»_state(session, ev->msg, &fsm, &event);
vb@2870
   469
                    if (status)
vb@2888
   470
                        goto the_end;
vb@2829
   471
vb@2870
   472
                    if (ev->fsm) {
vb@2870
   473
                        if (ev->fsm != fsm |`> |` ev->event != event) {
vb@2870
   474
                            status = PEP_«yml:ucase(@name)»_ILLEGAL_MESSAGE;
vb@2888
   475
                            goto the_end;
vb@2870
   476
                        }
vb@2870
   477
                    }
vb@2888
   478
                    else if (ev->event) {
vb@2888
   479
                        status = PEP_«yml:ucase(@name)»_ILLEGAL_MESSAGE;
vb@2888
   480
                        goto the_end;
vb@2870
   481
                    }
vb@2870
   482
                }
vb@2888
   483
                else {
vb@2888
   484
                    fsm = ev->fsm;
vb@2888
   485
                    event = ev->event;
vb@2888
   486
                }
vb@2870
   487
vb@2888
   488
                status = «@name»_driver(session, fsm, event);
vb@2870
   489
vb@2888
   490
            the_end:
vb@2888
   491
                free_«@name»_event(ev);
vb@2870
   492
                return status;
vb@2870
   493
            }
vb@2870
   494
vb@2870
   495
            ||
vb@2829
   496
        }
vb@2829
   497
vb@2829
   498
        apply "fsm", 0, mode=gen;
vb@2829
   499
    }
vb@2829
   500
vb@2890
   501
    template "fsm", mode=signal_message
vb@2890
   502
    {
vb@2890
   503
        ||
vb@2890
   504
        case «../@name»_PR_«yml:lcase(@name)»:
vb@2890
   505
            switch (msg->choice.«yml:lcase(@name)».payload.present) {
vb@2890
   506
                // these messages are going untested
vb@2890
   507
        `` for "message[@security='unencrypted']" |>> case «../@name»__payload_PR_«yml:mixedCase(@name)»:
vb@2890
   508
                    break;
vb@2890
   509
vb@2890
   510
                // these messages must arrive encrypted
vb@2890
   511
        `` for "message[@security='untrusted']" |>> case «../@name»__payload_PR_«yml:mixedCase(@name)»:
vb@2890
   512
                    if (rating < PEP_rating_reliable) {
vb@2890
   513
                        status = PEP_«yml:ucase(ancestor::protocol/@name)»_ILLEGAL_MESSAGE;
vb@2890
   514
                        goto the_end;
vb@2890
   515
                    }
vb@2890
   516
                    break;
vb@2890
   517
vb@2890
   518
                // these messages must come through a trusted channel
vb@2890
   519
        `` for "message[@security='trusted']" |>> case «ancestor::fsm/@name»__payload_PR_«yml:mixedCase(@name)»:
vb@2890
   520
                    if (rating < PEP_rating_trusted) {
vb@2890
   521
                        status = PEP_«yml:ucase(ancestor::protocol/@name)»_ILLEGAL_MESSAGE;
vb@2890
   522
                        goto the_end;
vb@2890
   523
                    }
vb@2890
   524
                    break;
vb@2890
   525
vb@2890
   526
                default:
vb@2890
   527
                    status = PEP_«yml:ucase(ancestor::protocol/@name)»_ILLEGAL_MESSAGE;
vb@2890
   528
                    goto the_end;
vb@2890
   529
            }
vb@2890
   530
            break;
vb@2890
   531
vb@2890
   532
        ||
vb@2890
   533
    }
vb@2890
   534
vb@2838
   535
    template "fsm", mode=event
vb@2838
   536
    {
vb@2838
   537
    ||
vb@2843
   538
    case «../@name»_PR_«yml:lcase(@name)»: {
vb@2839
   539
        switch (msg->choice.«yml:lcase(@name)».payload.present) {
vb@2838
   540
    ||
vb@2838
   541
    for "message"
vb@2838
   542
    ||
vb@2838
   543
            case «../@name»__payload_PR_«yml:mixedCase(@name)»:
vb@2838
   544
                ev->event = «@name»;
vb@2838
   545
                break;
vb@2838
   546
    ||
vb@2838
   547
    ||
vb@2838
   548
            default:
vb@2838
   549
                // unknown message type
vb@2838
   550
                free(ev);
vb@2838
   551
                return NULL;
vb@2838
   552
        }
vb@2838
   553
        break;
vb@2838
   554
    }
vb@2838
   555
vb@2838
   556
    ||
vb@2838
   557
    }
vb@2838
   558
vb@2829
   559
    template "fsm", mode=driver
vb@2829
   560
    ||
vb@2843
   561
    case «../@name»_PR_«yml:lcase(@name)»: {
vb@2839
   562
        int state = session->«yml:lcase(../@name)»_state.«yml:lcase(@name)».state;
vb@2839
   563
        next_state = fsm_«@name»(session, state, event);
vb@2838
   564
        if (next_state > None) {
vb@2838
   565
            session->«yml:lcase(../@name)»_state.«yml:lcase(@name)».state = next_state;
vb@2838
   566
            event = Init;
vb@2838
   567
        }
vb@2838
   568
        else if (next_state < None) {
vb@2829
   569
            return PEP_STATEMACHINE_ERROR - state;
vb@2838
   570
        }
vb@2829
   571
        break;
vb@2829
   572
    }
vb@2829
   573
vb@2829
   574
    ||
vb@2829
   575
vb@2829
   576
    template "fsm", mode=gen {
vb@2829
   577
        document "generated/{@name}_fsm.h", "text" {
vb@2829
   578
        ||
vb@2829
   579
        // This file is under GNU General Public License 3.0
vb@2829
   580
        // see LICENSE.txt
vb@2829
   581
vb@2829
   582
        #pragma once
vb@2829
   583
vb@2829
   584
        #include "«../@name»_impl.h"
vb@2829
   585
vb@2829
   586
        #ifdef __cplusplus
vb@2829
   587
        extern "C" {
vb@2829
   588
        #endif
vb@2829
   589
vb@2829
   590
        // state machine for «@name»
krista@2271
   591
krista@2271
   592
        // states
krista@2271
   593
krista@2271
   594
        typedef enum _«@name»_state {
vb@2829
   595
            «@name»_state_None = None,
vb@2829
   596
            «@name»_state_Init = Init,
vb@2829
   597
        ||
vb@2829
   598
        for "func:distinctName(state[not(@name='InitState')])"
vb@2829
   599
            |> «@name»`if "position()!=last()" > , `
vb@2829
   600
        ||
krista@2271
   601
        } «@name»_state;
krista@2271
   602
krista@2271
   603
        // events
krista@2271
   604
krista@2271
   605
        typedef enum _«@name»_event {
vb@2829
   606
            «@name»_event_None = None,
vb@2829
   607
            «@name»_event_Init = Init,
krista@2271
   608
        ||
vb@2829
   609
        for "func:distinctName(state/event[not(not(../../message/@name=@name))])" {
krista@2271
   610
            const "name", "@name";
vb@2829
   611
            |> «$name» = «/protocol/fsm/message[@name=$name]/@id»,
krista@2271
   612
        }
vb@2830
   613
        for "func:distinctName(state/event[not(not(../../external/@name=@name))])" {
vb@2830
   614
            const "name", "@name";
vb@2830
   615
            |> «$name» = «/protocol/fsm/external[@name=$name]/@id»,
vb@2830
   616
        }
vb@2829
   617
        |> «@name»_event_Extra = Extra,
vb@2830
   618
        for "func:distinctName(state/event[not(../../message/@name=@name or ../../external/@name=@name)])" {
vb@2829
   619
            if "@name!='Init'"
vb@2829
   620
                |> «@name»`if "position()!=last()" > , `
vb@2829
   621
        }
krista@2271
   622
        ||
krista@2271
   623
        } «@name»_event;
krista@2271
   624
vb@2829
   625
        // state machine
krista@2271
   626
vb@2829
   627
        const char *«@name»_state_name(int state);
vb@2881
   628
        const char *«@name»_event_name(int event);
krista@2271
   629
vb@2838
   630
        // the state machine function is returning the next state in case of a
vb@2838
   631
        // transition or None for staying
vb@2838
   632
krista@2271
   633
        «@name»_state fsm_«@name»(
krista@2271
   634
                PEP_SESSION session,
krista@2271
   635
                «@name»_state state,
vb@2829
   636
                «@name»_event event
krista@2271
   637
            );
krista@2271
   638
krista@2271
   639
        #ifdef __cplusplus
krista@2271
   640
        }
krista@2271
   641
        #endif
krista@2271
   642
krista@2271
   643
        ||
krista@2271
   644
        }
vb@2829
   645
vb@2829
   646
        document "generated/{@name}_fsm.c", "text" {
krista@2271
   647
        ||
vb@2829
   648
        // This file is under GNU General Public License 3.0
vb@2829
   649
        // see LICENSE.txt
vb@2829
   650
vb@2829
   651
        #include "«@name»_fsm.h"
vb@2847
   652
        #include <stdlib.h>
krista@2271
   653
vb@2829
   654
        const char *«@name»_state_name(int state)
vb@2829
   655
        {
vb@2829
   656
            switch (state) {
vb@2829
   657
                case End:
vb@2829
   658
                    return "End";
vb@2829
   659
                case None:
vb@2829
   660
                    return "None";
vb@2829
   661
                case Init:
vb@2829
   662
                    return "InitState";
vb@2829
   663
        ||
vb@2829
   664
        for "func:distinctName(state[not(@name='InitState')])" {
vb@2829
   665
            |>> case «@name»:
vb@2829
   666
            |>>> return "«@name»";
vb@2829
   667
        }
vb@2829
   668
        ||
vb@2829
   669
                default:
vb@2829
   670
                    return "unknown state";
vb@2829
   671
            }
vb@2829
   672
        }
vb@2829
   673
vb@2881
   674
        const char *«@name»_event_name(int event)
vb@2881
   675
        {
vb@2881
   676
            switch (event) {
vb@2881
   677
                case None:
vb@2881
   678
                    return "None";
vb@2881
   679
                case Init:
vb@2881
   680
                    return "Init";
vb@2881
   681
        ||
vb@2881
   682
        for "func:distinctName(state/event[not(@name='Init')])" {
vb@2881
   683
            |>> case «@name»:
vb@2881
   684
            |>>> return "«@name»";
vb@2881
   685
        }
vb@2881
   686
        ||
vb@2881
   687
                default:
vb@2881
   688
                    return "unknown event";
vb@2881
   689
            }
vb@2881
   690
        }
vb@2881
   691
vb@2881
   692
vb@2829
   693
        static char *_str(int n, bool hex)
vb@2829
   694
        {
vb@2829
   695
            char *buf = calloc(1, 24);
vb@2829
   696
            assert(buf);
vb@2829
   697
            if (!buf)
vb@2829
   698
                return NULL;
krista@2271
   699
vb@2829
   700
            if (hex)
vb@2829
   701
                snprintf(buf, 24, "%.4x", n);
vb@2829
   702
            else
vb@2829
   703
                snprintf(buf, 24, "%d", n);
vb@2829
   704
            return buf;
vb@2829
   705
        }
krista@2271
   706
vb@2829
   707
        #define «@name»_ERR_LOG(t, d) log_event(session, (t), "«@name»", (d), "error")
vb@2829
   708
vb@2829
   709
        static PEP_STATUS _«@name»_ERR_LOG_int(PEP_SESSION session, char *t, int n, bool hex)
vb@2829
   710
        {
vb@2829
   711
            char *_buf = _str(n, hex);
vb@2829
   712
            if (!_buf)
vb@2829
   713
                return PEP_OUT_OF_MEMORY;
vb@2829
   714
            PEP_STATUS status = «@name»_ERR_LOG(t, _buf);
vb@2829
   715
            free(_buf);
vb@2829
   716
            return status;
vb@2829
   717
        }
vb@2829
   718
vb@2829
   719
        #define «@name»_ERR_LOG_INT(t, n) _«@name»_ERR_LOG_int(session, (t), (n), false)
vb@2829
   720
        #define «@name»_ERR_LOG_HEX(t, n) _«@name»_ERR_LOG_int(session, (t), (n), true)
vb@2829
   721
vb@2829
   722
        #ifndef SERVICE_LOG
vb@2829
   723
        // SERVICE LOG is meant to check session->service_log in runtime config;
vb@2829
   724
        // for older engines log more than needed
vb@2829
   725
        #define SERVICE_LOG(session, t, n, d) log_event((session), (t), (n), (d), "service")
vb@2829
   726
        #endif 
vb@2829
   727
vb@2829
   728
        #define «@name»_SERVICE_LOG(t, d) SERVICE_LOG(session, (t), "«@name»", (d))
vb@2829
   729
vb@2829
   730
        «@name»_state fsm_«@name»(
krista@2271
   731
                PEP_SESSION session,
vb@2829
   732
                «@name»_state state,
vb@2829
   733
                «@name»_event event
krista@2271
   734
            )
krista@2271
   735
        {
krista@2271
   736
            assert(session);
krista@2271
   737
            if (!session)
vb@2829
   738
                return invalid_state;
krista@2271
   739
krista@2271
   740
            switch (state) {
vb@2829
   741
                case None:
vb@2838
   742
                    return «@name»_state_Init;
vb@2829
   743
                
vb@2829
   744
                `` apply "state", 2, mode=fsm
krista@2271
   745
                default:
vb@2838
   746
                    «@name»_ERR_LOG_INT("invalid state", state);
vb@2829
   747
                    return invalid_state;
krista@2271
   748
            }
vb@2829
   749
            
vb@2838
   750
            return None;
krista@2271
   751
        }
krista@2271
   752
krista@2271
   753
        ||
vb@2829
   754
        }
krista@2271
   755
    }
vb@2829
   756
    
vb@2829
   757
    template "state", mode=fsm {
vb@2829
   758
        choose {
vb@2829
   759
            when "@name='InitState'" | case «../@name»_state_Init:
vb@2829
   760
            otherwise | case «@name»:
vb@2829
   761
        }
krista@2271
   762
        ||
vb@2829
   763
            «../@name»_SERVICE_LOG("in state", "«@name»");
krista@2271
   764
vb@2829
   765
            switch (event) {
vb@2829
   766
                case None:
vb@2829
   767
                    «../@name»_SERVICE_LOG("received None event", "ignoring");
vb@2838
   768
                    break;
vb@2829
   769
     
vb@2838
   770
        ||
vb@2838
   771
        if "not(event[@name='Init'])"
vb@2838
   772
        ||
vb@2838
   773
                case Init:
vb@2838
   774
                    // nothing to do
vb@2838
   775
                    break;
vb@2838
   776
vb@2838
   777
        ||
vb@2838
   778
        ||
vb@2829
   779
                `` apply "event", 2, mode=fsm
vb@2829
   780
                default:
vb@2885
   781
                    // ignore events not handled here
vb@2885
   782
                    «../@name»_SERVICE_LOG("ignoring event", KeySync_event_name(event));
vb@2885
   783
                    break;
vb@2829
   784
            }
vb@2829
   785
            break;
krista@2271
   786
krista@2271
   787
        ||
vb@2829
   788
    }
vb@2829
   789
vb@2829
   790
    template "event", mode=fsm {
vb@2829
   791
        | case «@name»: {
vb@2865
   792
        if "condition|action|send" |> PEP_STATUS status;
vb@2829
   793
        if "condition" |> bool result = false;
vb@2865
   794
        if "condition|action|send" |
vb@2829
   795
        ||
vb@2829
   796
            «../../@name»_SERVICE_LOG("received event", "«@name»");
vb@2865
   797
            `` apply "transition|action|condition|send";
vb@2829
   798
        ||
vb@2829
   799
        if "name(*[last()])!='transition'" {
vb@2829
   800
            |
vb@2843
   801
            |> «../../@name»_SERVICE_LOG("remaining in state", "«../@name»");
vb@2829
   802
            |> break;
vb@2829
   803
        }
vb@2829
   804
        ||
vb@2829
   805
        }
vb@2829
   806
        
vb@2829
   807
        ||
vb@2829
   808
    }
vb@2829
   809
vb@2829
   810
    template "transition" {
vb@2865
   811
        const "fsm", "ancestor::fsm";
krista@2271
   812
        ||
krista@2271
   813
vb@2829
   814
        «$fsm/@name»_SERVICE_LOG("transition to state", "«@target»");
vb@2838
   815
        return «@target»;
krista@2271
   816
        ||
vb@2829
   817
    }
vb@2829
   818
vb@2865
   819
    template "send" {
vb@2865
   820
        const "fsm", "ancestor::fsm";
vb@2865
   821
        const "protocol", "ancestor::protocol";
vb@2865
   822
        ||
krista@2271
   823
vb@2865
   824
        «$fsm/@name»_SERVICE_LOG("send message", "«@name»");
vb@2865
   825
        status = send_«$protocol/@name»_message(session, «$fsm/@id», «$fsm/@name»__payload_PR_«yml:mixedCase(@name)»);
vb@2865
   826
        ||
vb@2865
   827
    }
krista@2271
   828
vb@2865
   829
    template "action" {
vb@2865
   830
        const "fsm", "ancestor::fsm";
krista@2271
   831
        ||
vb@2865
   832
vb@2865
   833
        «$fsm/@name»_SERVICE_LOG("do action", "«@name»");
vb@2865
   834
        status = «@name»(session);
vb@2829
   835
        if (status) {
vb@2829
   836
            «$fsm/@name»_ERR_LOG_HEX("executing action «@name»() failed", status);
vb@2829
   837
            return invalid_action;
krista@2271
   838
        }
krista@2271
   839
        ||
krista@2271
   840
    }
krista@2271
   841
vb@2829
   842
    template "condition" {
vb@2865
   843
        const "fsm", "ancestor::fsm";
krista@2271
   844
        ||
krista@2271
   845
vb@2829
   846
        status = «@name»(session, &result);
vb@2829
   847
        if (status) {
vb@2829
   848
            «$fsm/@name»_ERR_LOG_HEX("computing condition «@name» failed", status);
vb@2829
   849
            return invalid_condition;
krista@2271
   850
        }
vb@2829
   851
        if (result) {
vb@2843
   852
            «$fsm/@name»_SERVICE_LOG("condition applies", "«@name»");
vb@2829
   853
        ||
vb@2865
   854
        apply "transition|action|condition|send";
krista@2271
   855
        | }
krista@2271
   856
    }
krista@2271
   857
}
krista@2271
   858