]> git.ipfire.org Git - thirdparty/strongswan.git/blame - src/libcharon/sa/ikev2/tasks/ike_mobike.c
projects / thirdparty / strongswan.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
libhydra: Move kernel interface to libcharon
[thirdparty/strongswan.git] / src / libcharon / sa / ikev2 / tasks / ike_mobike.c
CommitLineData
17d92e97 1/*
03f61ba3 2 * Copyright (C) 2010-2014 Tobias Brunner
17d92e97
MW		 3 * Copyright (C) 2007 Martin Willi
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17#include "ike_mobike.h"
18
19#include <string.h>
20
21#include <daemon.h>
15a682f4 22#include <sa/ikev2/tasks/ike_natd.h>
17d92e97
MW		 23#include <encoding/payloads/notify_payload.h>
24
85a119bc 25#define COOKIE2_SIZE 16
a1466a3e 26#define MAX_ADDITIONAL_ADDRS 8
17d92e97
MW		 27
28typedef struct private_ike_mobike_t private_ike_mobike_t;
29
30/**
31 * Private members of a ike_mobike_t task.
32 */
33struct private_ike_mobike_t {
7daf5226 34
17d92e97
MW		 35 /**
36 * Public methods and task_t interface.
37 */
38 ike_mobike_t public;
7daf5226 39
17d92e97
MW		 40 /**
41 * Assigned IKE_SA.
42 */
43 ike_sa_t *ike_sa;
7daf5226 44
17d92e97
MW		 45 /**
46 * Are we the initiator?
47 */
48 bool initiator;
7daf5226 49
17d92e97 50 /**
3bc62fe7 51 * cookie2 value to verify new addresses
17d92e97 52 */
3bc62fe7 53 chunk_t cookie2;
7daf5226 54
17d92e97 55 /**
a09972df 56 * NAT discovery reusing the TASK_IKE_NATD task
17d92e97 57 */
3bc62fe7 58 ike_natd_t *natd;
7daf5226 59
4cb9d7a7 60 /**
3bc62fe7 61 * use task to update addresses
4cb9d7a7 62 */
5474dc65 63 bool update;
7daf5226 64
5474dc65
MW		 65 /**
66 * do routability check
67 */
68 bool check;
7daf5226 69
4cb9d7a7 70 /**
3bc62fe7 71 * include address list update
4cb9d7a7 72 */
3bc62fe7 73 bool address;
769c69fa
TB		 74
75 /**
76 * additional addresses got updated
77 */
78 bool addresses_updated;
03f61ba3
TB		 79
80 /**
81 * whether the pending updates counter was increased
82 */
83 bool pending_update;
17d92e97
MW		 84};
85
17d92e97
MW		 86/**
87 * read notifys from message and evaluate them
88 */
89static void process_payloads(private_ike_mobike_t *this, message_t *message)
90{
a44bb934 91 enumerator_t *enumerator;
17d92e97
MW		 92 payload_t *payload;
93 bool first = TRUE;
7daf5226 94
a44bb934
MW		 95 enumerator = message->create_payload_enumerator(message);
96 while (enumerator->enumerate(enumerator, &payload))
17d92e97
MW		 97 {
98 int family = AF_INET;
99 notify_payload_t *notify;
100 chunk_t data;
101 host_t *host;
7daf5226 102
3ecfc83c 103 if (payload->get_type(payload) != PLV2_NOTIFY)
17d92e97
MW		 104 {
105 continue;
106 }
107 notify = (notify_payload_t*)payload;
108 switch (notify->get_notify_type(notify))
109 {
110 case MOBIKE_SUPPORTED:
111 {
78279973 112 peer_cfg_t *peer_cfg;
7daf5226 113
78279973 114 peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa);
7daf5226 115 if (!this->initiator &&
78279973
MW		 116 peer_cfg && !peer_cfg->use_mobike(peer_cfg))
117 {
118 DBG1(DBG_IKE, "peer supports MOBIKE, but disabled in config");
119 }
120 else
121 {
122 DBG1(DBG_IKE, "peer supports MOBIKE");
123 this->ike_sa->enable_extension(this->ike_sa, EXT_MOBIKE);
124 }
17d92e97
MW		 125 break;
126 }
85a119bc
MW		 127 case COOKIE2:
128 {
129 chunk_free(&this->cookie2);
130 this->cookie2 = chunk_clone(notify->get_notification_data(notify));
131 break;
132 }
17d92e97
MW		 133 case ADDITIONAL_IP6_ADDRESS:
134 {
135 family = AF_INET6;
136 /* fall through */
137 }
138 case ADDITIONAL_IP4_ADDRESS:
139 {
140 if (first)
141 { /* an ADDITIONAL_*_ADDRESS means replace, so flush once */
94bbc602 142 this->ike_sa->clear_peer_addresses(this->ike_sa);
4cb9d7a7 143 first = FALSE;
2fe624cc 144 /* add the peer's current address to the list */
53915f14 145 host = message->get_source(message);
94bbc602
TB		 146 this->ike_sa->add_peer_address(this->ike_sa,
147 host->clone(host));
17d92e97
MW		 148 }
149 data = notify->get_notification_data(notify);
150 host = host_create_from_chunk(family, data, 0);
151 DBG2(DBG_IKE, "got additional MOBIKE peer address: %H", host);
94bbc602 152 this->ike_sa->add_peer_address(this->ike_sa, host);
769c69fa 153 this->addresses_updated = TRUE;
17d92e97
MW		 154 break;
155 }
3bc62fe7
MW		 156 case UPDATE_SA_ADDRESSES:
157 {
5474dc65 158 this->update = TRUE;
3bc62fe7
MW		 159 break;
160 }
17d92e97
MW		 161 case NO_ADDITIONAL_ADDRESSES:
162 {
94bbc602 163 this->ike_sa->clear_peer_addresses(this->ike_sa);
2fe624cc 164 /* add the peer's current address to the list */
53915f14 165 host = message->get_source(message);
94bbc602 166 this->ike_sa->add_peer_address(this->ike_sa, host->clone(host));
769c69fa 167 this->addresses_updated = TRUE;
17d92e97
MW		 168 break;
169 }
fc2d1c42
MW		 170 case NAT_DETECTION_SOURCE_IP:
171 case NAT_DETECTION_DESTINATION_IP:
172 {
173 /* NAT check in this MOBIKE exchange, create subtask for it */
174 if (this->natd == NULL)
175 {
176 this->natd = ike_natd_create(this->ike_sa, this->initiator);
177 }
178 break;
179 }
17d92e97
MW		 180 default:
181 break;
182 }
183 }
a44bb934 184 enumerator->destroy(enumerator);
17d92e97
MW		 185}
186
187/**
188 * Add ADDITIONAL_*_ADDRESS notifys depending on our address list
189 */
190static void build_address_list(private_ike_mobike_t *this, message_t *message)
191{
507f26f6 192 enumerator_t *enumerator;
17d92e97
MW		 193 host_t *host, *me;
194 notify_type_t type;
a1466a3e 195 int added = 0;
7daf5226 196
17d92e97 197 me = this->ike_sa->get_my_host(this->ike_sa);
8394ea2a
TB		 198 enumerator = charon->kernel->create_address_enumerator(charon->kernel,
199 ADDR_TYPE_REGULAR);
507f26f6 200 while (enumerator->enumerate(enumerator, (void**)&host))
17d92e97
MW		 201 {
202 if (me->ip_equals(me, host))
203 { /* "ADDITIONAL" means do not include IKE_SAs host */
204 continue;
205 }
206 switch (host->get_family(host))
207 {
208 case AF_INET:
209 type = ADDITIONAL_IP4_ADDRESS;
210 break;
211 case AF_INET6:
212 type = ADDITIONAL_IP6_ADDRESS;
213 break;
214 default:
215 continue;
216 }
217 message->add_notify(message, FALSE, type, host->get_address(host));
a1466a3e
MW		 218 if (++added >= MAX_ADDITIONAL_ADDRS)
219 { /* limit number of notifys, some implementations do not like too
220 * many of them (f.e. strongSwan ;-) */
221 break;
222 }
17d92e97 223 }
a1466a3e 224 if (!added)
17d92e97
MW		 225 {
226 message->add_notify(message, FALSE, NO_ADDITIONAL_ADDRESSES, chunk_empty);
227 }
507f26f6 228 enumerator->destroy(enumerator);
17d92e97
MW		 229}
230
85a119bc 231/**
7daf5226 232 * build a cookie and add it to the message
85a119bc 233 */
50491834 234static bool build_cookie(private_ike_mobike_t *this, message_t *message)
85a119bc
MW		 235{
236 rng_t *rng;
237
238 chunk_free(&this->cookie2);
239 rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
50491834 240 if (!rng || !rng->allocate_bytes(rng, COOKIE2_SIZE, &this->cookie2))
85a119bc 241 {
50491834
TB		 242 DESTROY_IF(rng);
243 return FALSE;
85a119bc 244 }
50491834
TB		 245 message->add_notify(message, FALSE, COOKIE2, this->cookie2);
246 rng->destroy(rng);
247 return TRUE;
85a119bc
MW		 248}
249
3bc62fe7
MW		 250/**
251 * update addresses of associated CHILD_SAs
252 */
253static void update_children(private_ike_mobike_t *this)
254{
4bbce1ef 255 enumerator_t *enumerator;
3bc62fe7 256 child_sa_t *child_sa;
101d26ba 257 linked_list_t *vips;
38227d0e 258 status_t status;
101d26ba
MW		 259 host_t *host;
260
261 vips = linked_list_create();
262
263 enumerator = this->ike_sa->create_virtual_ip_enumerator(this->ike_sa, TRUE);
264 while (enumerator->enumerate(enumerator, &host))
265 {
266 vips->insert_last(vips, host);
267 }
268 enumerator->destroy(enumerator);
7daf5226 269
4bbce1ef
TB		 270 enumerator = this->ike_sa->create_child_sa_enumerator(this->ike_sa);
271 while (enumerator->enumerate(enumerator, (void**)&child_sa))
3bc62fe7 272 {
38227d0e
MW		 273 status = child_sa->update(child_sa,
274 this->ike_sa->get_my_host(this->ike_sa),
275 this->ike_sa->get_other_host(this->ike_sa), vips,
276 this->ike_sa->has_condition(this->ike_sa, COND_NAT_ANY));
277 switch (status)
ea625fab 278 {
38227d0e
MW		 279 case NOT_SUPPORTED:
280 this->ike_sa->rekey_child_sa(this->ike_sa,
281 child_sa->get_protocol(child_sa),
282 child_sa->get_spi(child_sa, TRUE));
283 break;
284 case SUCCESS:
285 charon->child_sa_manager->remove(charon->child_sa_manager,
286 child_sa);
287 charon->child_sa_manager->add(charon->child_sa_manager,
288 child_sa, this->ike_sa);
289 break;
290 default:
291 break;
ea625fab 292 }
3bc62fe7 293 }
4bbce1ef 294 enumerator->destroy(enumerator);
101d26ba
MW		 295
296 vips->destroy(vips);
3bc62fe7
MW		 297}
298
cc2eadde 299/**
be901342 300 * Apply the port of the old host, if its ip equals the new, use port otherwise.
cc2eadde 301 */
e7ea057f 302static void apply_port(host_t *host, host_t *old, u_int16_t port, bool local)
cc2eadde
MW		 303{
304 if (host->ip_equals(host, old))
305 {
be901342 306 port = old->get_port(old);
cc2eadde 307 }
b223d517 308 else if (local && port == charon->socket->get_port(charon->socket, FALSE))
cc2eadde 309 {
b223d517
TB		 310 port = charon->socket->get_port(charon->socket, TRUE);
311 }
312 else if (!local && port == IKEV2_UDP_PORT)
313 {
314 port = IKEV2_NATT_PORT;
cc2eadde 315 }
be901342 316 host->set_port(host, port);
cc2eadde
MW		 317}
318
7840952e 319METHOD(ike_mobike_t, transmit, bool,
c817e7bb 320 private_ike_mobike_t *this, packet_t *packet)
5474dc65
MW		 321{
322 host_t *me, *other, *me_old, *other_old;
572abc6c 323 enumerator_t *enumerator;
cc2eadde 324 ike_cfg_t *ike_cfg;
5474dc65 325 packet_t *copy;
c5a5bc85 326 int family = AF_UNSPEC;
7840952e 327 bool found = FALSE;
7daf5226 328
8956dcec
TB		 329 me_old = this->ike_sa->get_my_host(this->ike_sa);
330 other_old = this->ike_sa->get_other_host(this->ike_sa);
331 ike_cfg = this->ike_sa->get_ike_cfg(this->ike_sa);
332
5474dc65
MW		 333 if (!this->check)
334 {
8394ea2a 335 me = charon->kernel->get_source_addr(charon->kernel, other_old, me_old);
8956dcec
TB		 336 if (me)
337 {
338 if (me->ip_equals(me, me_old))
339 {
72cc029e
TB		 340 copy = packet->clone(packet);
341 /* hosts might have been updated by a peer's MOBIKE exchange */
342 copy->set_source(copy, me_old->clone(me_old));
343 copy->set_destination(copy, other_old->clone(other_old));
344 charon->sender->send(charon->sender, copy);
8956dcec
TB		 345 me->destroy(me);
346 return TRUE;
347 }
348 me->destroy(me);
349 }
350 this->check = TRUE;
5474dc65
MW		 351 }
352
c5a5bc85
TB		 353 switch (charon->socket->supported_families(charon->socket))
354 {
355 case SOCKET_FAMILY_IPV4:
356 family = AF_INET;
357 break;
358 case SOCKET_FAMILY_IPV6:
359 family = AF_INET6;
360 break;
361 case SOCKET_FAMILY_BOTH:
362 case SOCKET_FAMILY_NONE:
363 break;
364 }
365
94bbc602 366 enumerator = this->ike_sa->create_peer_address_enumerator(this->ike_sa);
572abc6c 367 while (enumerator->enumerate(enumerator, (void**)&other))
5474dc65 368 {
c5a5bc85
TB		 369 if (family != AF_UNSPEC && other->get_family(other) != family)
370 {
371 continue;
372 }
8394ea2a 373 me = charon->kernel->get_source_addr(charon->kernel, other, NULL);
5474dc65
MW		 374 if (me)
375 {
376 /* reuse port for an active address, 4500 otherwise */
e7ea057f 377 apply_port(me, me_old, ike_cfg->get_my_port(ike_cfg), TRUE);
5474dc65 378 other = other->clone(other);
e7ea057f 379 apply_port(other, other_old, ike_cfg->get_other_port(ike_cfg), FALSE);
d9d69536 380 DBG1(DBG_IKE, "checking path %#H - %#H", me, other);
5474dc65
MW		 381 copy = packet->clone(packet);
382 copy->set_source(copy, me);
383 copy->set_destination(copy, other);
384 charon->sender->send(charon->sender, copy);
7840952e 385 found = TRUE;
5474dc65
MW		 386 }
387 }
572abc6c 388 enumerator->destroy(enumerator);
7840952e 389 return found;
5474dc65
MW		 390}
391
c817e7bb
TB		 392METHOD(task_t, build_i, status_t,
393 private_ike_mobike_t *this, message_t *message)
17d92e97 394{
31e7dc4d
TB		 395 if (message->get_exchange_type(message) == IKE_AUTH &&
396 message->get_message_id(message) == 1)
a44bb934 397 { /* only in first IKE_AUTH */
17d92e97
MW		 398 message->add_notify(message, FALSE, MOBIKE_SUPPORTED, chunk_empty);
399 build_address_list(this, message);
400 }
c8739590 401 else if (message->get_exchange_type(message) == INFORMATIONAL)
3bc62fe7 402 {
f0974eb2 403 host_t *old, *new;
7daf5226
MW		 404
405 /* we check if the existing address is still valid */
f0974eb2 406 old = message->get_source(message);
8394ea2a 407 new = charon->kernel->get_source_addr(charon->kernel,
f0974eb2
MW		 408 message->get_destination(message), old);
409 if (new)
410 {
411 if (!new->ip_equals(new, old))
412 {
413 new->set_port(new, old->get_port(old));
414 message->set_source(message, new);
415 }
416 else
417 {
418 new->destroy(new);
419 }
420 }
5474dc65 421 if (this->update)
fc2d1c42 422 {
31e7dc4d
TB		 423 message->add_notify(message, FALSE, UPDATE_SA_ADDRESSES,
424 chunk_empty);
50491834
TB		 425 if (!build_cookie(this, message))
426 {
427 return FAILED;
428 }
5474dc65 429 update_children(this);
fc2d1c42 430 }
1dbf0ed9 431 if (this->address && !this->check)
3bc62fe7
MW		 432 {
433 build_address_list(this, message);
434 }
5474dc65
MW		 435 if (this->natd)
436 {
437 this->natd->task.build(&this->natd->task, message);
438 }
4cb9d7a7 439 }
17d92e97
MW		 440 return NEED_MORE;
441}
442
c817e7bb
TB		 443METHOD(task_t, process_r, status_t,
444 private_ike_mobike_t *this, message_t *message)
4cb9d7a7 445{
31e7dc4d
TB		 446 if (message->get_exchange_type(message) == IKE_AUTH &&
447 message->get_message_id(message) == 1)
a44bb934 448 { /* only first IKE_AUTH */
4cb9d7a7
MW		 449 process_payloads(this, message);
450 }
fc2d1c42
MW		 451 else if (message->get_exchange_type(message) == INFORMATIONAL)
452 {
453 process_payloads(this, message);
5474dc65 454 if (this->update)
3bc62fe7
MW		 455 {
456 host_t *me, *other;
7daf5226 457
3bc62fe7
MW		 458 me = message->get_destination(message);
459 other = message->get_source(message);
460 this->ike_sa->set_my_host(this->ike_sa, me->clone(me));
461 this->ike_sa->set_other_host(this->ike_sa, other->clone(other));
462 }
7daf5226 463
fc2d1c42
MW		 464 if (this->natd)
465 {
466 this->natd->task.process(&this->natd->task, message);
467 }
769c69fa
TB		 468 if (this->addresses_updated && this->ike_sa->has_condition(this->ike_sa,
469 COND_ORIGINAL_INITIATOR))
470 {
471 host_t *other = message->get_source(message);
472 host_t *other_old = this->ike_sa->get_other_host(this->ike_sa);
473 if (!other->equals(other, other_old))
474 {
475 DBG1(DBG_IKE, "remote address changed from %H to %H", other_old,
476 other);
477 this->ike_sa->set_other_host(this->ike_sa, other->clone(other));
478 this->update = TRUE;
479 }
480 }
fc2d1c42 481 }
17d92e97
MW		 482 return NEED_MORE;
483}
484
c817e7bb
TB		 485METHOD(task_t, build_r, status_t,
486 private_ike_mobike_t *this, message_t *message)
17d92e97
MW		 487{
488 if (message->get_exchange_type(message) == IKE_AUTH &&
b8249ff5 489 this->ike_sa->get_state(this->ike_sa) == IKE_ESTABLISHED)
17d92e97
MW		 490 {
491 if (this->ike_sa->supports_extension(this->ike_sa, EXT_MOBIKE))
492 {
493 message->add_notify(message, FALSE, MOBIKE_SUPPORTED, chunk_empty);
494 build_address_list(this, message);
495 }
496 return SUCCESS;
497 }
2b3100b5
MW		 498 else if (message->get_exchange_type(message) == INFORMATIONAL)
499 {
fc2d1c42
MW		 500 if (this->natd)
501 {
502 this->natd->task.build(&this->natd->task, message);
503 }
85a119bc
MW		 504 if (this->cookie2.ptr)
505 {
506 message->add_notify(message, FALSE, COOKIE2, this->cookie2);
507 chunk_free(&this->cookie2);
508 }
5474dc65 509 if (this->update)
3bc62fe7
MW		 510 {
511 update_children(this);
512 }
2b3100b5
MW		 513 return SUCCESS;
514 }
17d92e97
MW		 515 return NEED_MORE;
516}
517
c817e7bb
TB		 518METHOD(task_t, process_i, status_t,
519 private_ike_mobike_t *this, message_t *message)
17d92e97
MW		 520{
521 if (message->get_exchange_type(message) == IKE_AUTH &&
b8249ff5 522 this->ike_sa->get_state(this->ike_sa) == IKE_ESTABLISHED)
17d92e97
MW		 523 {
524 process_payloads(this, message);
525 return SUCCESS;
526 }
2b3100b5
MW		 527 else if (message->get_exchange_type(message) == INFORMATIONAL)
528 {
03f61ba3 529 if (this->ike_sa->get_pending_updates(this->ike_sa) > 1)
3bc62fe7
MW		 530 {
531 /* newer update queued, ignore this one */
532 return SUCCESS;
533 }
85a119bc 534 if (this->cookie2.ptr)
9d9a772e 535 { /* check cookie if we included one */
85a119bc 536 chunk_t cookie2;
7daf5226 537
85a119bc
MW		 538 cookie2 = this->cookie2;
539 this->cookie2 = chunk_empty;
540 process_payloads(this, message);
161a0157 541 if (!chunk_equals_const(cookie2, this->cookie2))
85a119bc
MW		 542 {
543 chunk_free(&cookie2);
544 DBG1(DBG_IKE, "COOKIE2 mismatch, closing IKE_SA");
545 return FAILED;
546 }
547 chunk_free(&cookie2);
548 }
549 else
550 {
551 process_payloads(this, message);
552 }
fc2d1c42
MW		 553 if (this->natd)
554 {
555 this->natd->task.process(&this->natd->task, message);
9d9a772e
MW		 556 if (this->natd->has_mapping_changed(this->natd))
557 {
558 /* force an update if mappings have changed */
559 this->update = this->check = TRUE;
560 DBG1(DBG_IKE, "detected changes in NAT mappings, "
561 "initiating MOBIKE update");
562 }
fc2d1c42 563 }
5474dc65 564 if (this->update)
3bc62fe7
MW		 565 {
566 /* update again, as NAT state may have changed */
567 update_children(this);
568 }
5474dc65
MW		 569 if (this->check)
570 {
571 host_t *me_new, *me_old, *other_new, *other_old;
7daf5226 572
5474dc65
MW		 573 me_new = message->get_destination(message);
574 other_new = message->get_source(message);
575 me_old = this->ike_sa->get_my_host(this->ike_sa);
576 other_old = this->ike_sa->get_other_host(this->ike_sa);
7daf5226 577
5474dc65
MW		 578 if (!me_new->equals(me_new, me_old))
579 {
580 this->update = TRUE;
581 this->ike_sa->set_my_host(this->ike_sa, me_new->clone(me_new));
7daf5226 582 }
5474dc65
MW		 583 if (!other_new->equals(other_new, other_old))
584 {
585 this->update = TRUE;
586 this->ike_sa->set_other_host(this->ike_sa, other_new->clone(other_new));
587 }
588 if (this->update)
589 {
1dbf0ed9 590 /* use the same task to ... */
c5770f86
TB		 591 if (!this->ike_sa->has_condition(this->ike_sa,
592 COND_ORIGINAL_INITIATOR))
1dbf0ed9 593 { /*... send an updated list of addresses as responder */
c5770f86 594 update_children(this);
1dbf0ed9 595 this->update = FALSE;
c5770f86 596 }
1dbf0ed9
TB		 597 else
598 { /* ... send the update as original initiator */
599 if (this->natd)
600 {
601 this->natd->task.destroy(&this->natd->task);
602 }
603 this->natd = ike_natd_create(this->ike_sa, this->initiator);
12d4186f 604 }
1dbf0ed9 605 this->check = FALSE;
5474dc65
MW		 606 return NEED_MORE;
607 }
608 }
2b3100b5
MW		 609 return SUCCESS;
610 }
17d92e97
MW		 611 return NEED_MORE;
612}
613
13876431
TB		 614METHOD(ike_mobike_t, addresses, void,
615 private_ike_mobike_t *this)
616{
617 this->address = TRUE;
03f61ba3
TB		 618 if (!this->pending_update)
619 {
620 this->pending_update = TRUE;
621 this->ike_sa->set_pending_updates(this->ike_sa,
13876431 622 this->ike_sa->get_pending_updates(this->ike_sa) + 1);
03f61ba3 623 }
13876431
TB		 624}
625
c817e7bb
TB		 626METHOD(ike_mobike_t, roam, void,
627 private_ike_mobike_t *this, bool address)
17d92e97 628{
5474dc65 629 this->check = TRUE;
3bc62fe7 630 this->address = address;
03f61ba3
TB		 631 if (!this->pending_update)
632 {
633 this->pending_update = TRUE;
634 this->ike_sa->set_pending_updates(this->ike_sa,
c817e7bb 635 this->ike_sa->get_pending_updates(this->ike_sa) + 1);
03f61ba3 636 }
17d92e97
MW		 637}
638
c817e7bb
TB		 639METHOD(ike_mobike_t, dpd, void,
640 private_ike_mobike_t *this)
9d9a772e
MW		 641{
642 if (!this->natd)
643 {
644 this->natd = ike_natd_create(this->ike_sa, this->initiator);
645 }
03f61ba3
TB		 646 if (!this->pending_update)
647 {
648 this->pending_update = TRUE;
649 this->ike_sa->set_pending_updates(this->ike_sa,
c817e7bb 650 this->ike_sa->get_pending_updates(this->ike_sa) + 1);
03f61ba3 651 }
9d9a772e
MW		 652}
653
c817e7bb
TB		 654METHOD(ike_mobike_t, is_probing, bool,
655 private_ike_mobike_t *this)
f215e919
MW		 656{
657 return this->check;
658}
659
2180ace9
TB		 660METHOD(ike_mobike_t, enable_probing, void,
661 private_ike_mobike_t *this)
662{
663 this->check = TRUE;
664}
665
c817e7bb
TB		 666METHOD(task_t, get_type, task_type_t,
667 private_ike_mobike_t *this)
17d92e97 668{
a09972df 669 return TASK_IKE_MOBIKE;
17d92e97
MW		 670}
671
c817e7bb
TB		 672METHOD(task_t, migrate, void,
673 private_ike_mobike_t *this, ike_sa_t *ike_sa)
17d92e97 674{
4cb9d7a7 675 chunk_free(&this->cookie2);
17d92e97 676 this->ike_sa = ike_sa;
4cb9d7a7
MW		 677 if (this->natd)
678 {
679 this->natd->task.migrate(&this->natd->task, ike_sa);
680 }
40164bbe
TB		 681 if (this->pending_update)
682 {
683 this->ike_sa->set_pending_updates(this->ike_sa,
684 this->ike_sa->get_pending_updates(this->ike_sa) + 1);
685 }
17d92e97
MW		 686}
687
c817e7bb
TB		 688METHOD(task_t, destroy, void,
689 private_ike_mobike_t *this)
17d92e97 690{
03f61ba3
TB		 691 if (this->pending_update)
692 {
693 this->ike_sa->set_pending_updates(this->ike_sa,
694 this->ike_sa->get_pending_updates(this->ike_sa) - 1);
695 }
4cb9d7a7
MW		 696 chunk_free(&this->cookie2);
697 if (this->natd)
698 {
699 this->natd->task.destroy(&this->natd->task);
700 }
17d92e97
MW		 701 free(this);
702}
703
704/*
705 * Described in header.
706 */
707ike_mobike_t *ike_mobike_create(ike_sa_t *ike_sa, bool initiator)
708{
c817e7bb
TB		 709 private_ike_mobike_t *this;
710
711 INIT(this,
712 .public = {
713 .task = {
714 .get_type = _get_type,
715 .migrate = _migrate,
716 .destroy = _destroy,
717 },
13876431 718 .addresses = _addresses,
c817e7bb
TB		 719 .roam = _roam,
720 .dpd = _dpd,
721 .transmit = _transmit,
722 .is_probing = _is_probing,
2180ace9 723 .enable_probing = _enable_probing,
c817e7bb
TB		 724 },
725 .ike_sa = ike_sa,
726 .initiator = initiator,
c817e7bb 727 );
7daf5226 728
17d92e97
MW		 729 if (initiator)
730 {
c817e7bb
TB		 731 this->public.task.build = _build_i;
732 this->public.task.process = _process_i;
17d92e97
MW		 733 }
734 else
735 {
c817e7bb
TB		 736 this->public.task.build = _build_r;
737 this->public.task.process = _process_r;
17d92e97 738 }
7daf5226 739
17d92e97
MW		 740 return &this->public;
741}
Unnamed repository; edit this file 'description' to name the repository.