[thirdparty/strongswan.git] / src / libcharon / sa / ikev2 / tasks / ike_reauth.c

/*
 * Copyright (C) 2006-2008 Martin Willi
 *
 * Copyright (C) secunet Security Networks AG
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

#include "ike_reauth.h"

#include <daemon.h>
#include <sa/ikev2/tasks/ike_delete.h>


typedef struct private_ike_reauth_t private_ike_reauth_t;

/**
 * Private members of a ike_reauth_t task.
 */
struct private_ike_reauth_t {

	/**
	 * Public methods and task_t interface.
	 */
	ike_reauth_t public;

	/**
	 * Assigned IKE_SA.
	 */
	ike_sa_t *ike_sa;

	/**
	 * reused ike_delete task
	 */
	ike_delete_t *ike_delete;
};

METHOD(task_t, build_i, status_t,
	private_ike_reauth_t *this, message_t *message)
{
	return this->ike_delete->task.build(&this->ike_delete->task, message);
}

METHOD(task_t, process_i, status_t,
	private_ike_reauth_t *this, message_t *message)
{
	/* process delete response first */
	this->ike_delete->task.process(&this->ike_delete->task, message);

	/* reestablish the IKE_SA with all children */
	if (this->ike_sa->reestablish(this->ike_sa) != SUCCESS)
	{
		DBG1(DBG_IKE, "reauthenticating IKE_SA failed");
		return FAILED;
	}

	/* we always destroy the obsolete IKE_SA */
	return DESTROY_ME;
}

METHOD(task_t, get_type, task_type_t,
	private_ike_reauth_t *this)
{
	return TASK_IKE_REAUTH;
}

METHOD(task_t, migrate, void,
	private_ike_reauth_t *this, ike_sa_t *ike_sa)
{
	this->ike_delete->task.migrate(&this->ike_delete->task, ike_sa);
	this->ike_sa = ike_sa;
}

METHOD(task_t, destroy, void,
	private_ike_reauth_t *this)
{
	this->ike_delete->task.destroy(&this->ike_delete->task);
	free(this);
}

/*
 * Described in header.
 */
ike_reauth_t *ike_reauth_create(ike_sa_t *ike_sa)
{
	private_ike_reauth_t *this;

	INIT(this,
		.public = {
			.task = {
				.get_type = _get_type,
				.migrate = _migrate,
				.build = _build_i,
				.process = _process_i,
				.destroy = _destroy,
			},
		},
		.ike_sa = ike_sa,
		.ike_delete = ike_delete_create(ike_sa, TRUE),
	);

	return &this->public;
}
Commit	Line	Data
04f4e82d	1	/*
6a4ff35c	2	* Copyright (C) 2006-2008 Martin Willi
19ef2aec TB	3	*
19ef2aec TB	4	* Copyright (C) secunet Security Networks AG
04f4e82d MW	5	*
	6	* This program is free software; you can redistribute it and/or modify it
	7	* under the terms of the GNU General Public License as published by the
	8	* Free Software Foundation; either version 2 of the License, or (at your
	9	* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
	10	*
	11	* This program is distributed in the hope that it will be useful, but
	12	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
	13	* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	14	* for more details.
	15	*/
	16
	17	#include "ike_reauth.h"
	18
	19	#include <daemon.h>
15a682f4	20	#include <sa/ikev2/tasks/ike_delete.h>
04f4e82d MW	21
	22
	23	typedef struct private_ike_reauth_t private_ike_reauth_t;
	24
	25	/**
	26	* Private members of a ike_reauth_t task.
	27	*/
	28	struct private_ike_reauth_t {
7daf5226	29
04f4e82d MW	30	/**
	31	* Public methods and task_t interface.
	32	*/
	33	ike_reauth_t public;
7daf5226	34
04f4e82d MW	35	/**
	36	* Assigned IKE_SA.
	37	*/
	38	ike_sa_t *ike_sa;
7daf5226	39
04f4e82d MW	40	/**
	41	* reused ike_delete task
	42	*/
	43	ike_delete_t *ike_delete;
	44	};
	45
7db8fd0d AS	46	METHOD(task_t, build_i, status_t,
7db8fd0d AS	47	private_ike_reauth_t this, message_t message)
04f4e82d MW	48	{
	49	return this->ike_delete->task.build(&this->ike_delete->task, message);
	50	}
	51
7db8fd0d AS	52	METHOD(task_t, process_i, status_t,
7db8fd0d AS	53	private_ike_reauth_t this, message_t message)
04f4e82d	54	{
04f4e82d MW	55	/* process delete response first */
04f4e82d MW	56	this->ike_delete->task.process(&this->ike_delete->task, message);
f6facbe7	57
23470d84 TB	58	/* reestablish the IKE_SA with all children */
23470d84 TB	59	if (this->ike_sa->reestablish(this->ike_sa) != SUCCESS)
04f4e82d	60	{
23470d84	61	DBG1(DBG_IKE, "reauthenticating IKE_SA failed");
04f4e82d MW	62	return FAILED;
04f4e82d MW	63	}
7daf5226	64
f69f0679 AS	65	/* we always destroy the obsolete IKE_SA */
f69f0679 AS	66	return DESTROY_ME;
04f4e82d MW	67	}
04f4e82d MW	68
7db8fd0d AS	69	METHOD(task_t, get_type, task_type_t,
7db8fd0d AS	70	private_ike_reauth_t *this)
04f4e82d	71	{
a09972df	72	return TASK_IKE_REAUTH;
04f4e82d MW	73	}
04f4e82d MW	74
7db8fd0d AS	75	METHOD(task_t, migrate, void,
7db8fd0d AS	76	private_ike_reauth_t this, ike_sa_t ike_sa)
04f4e82d MW	77	{
	78	this->ike_delete->task.migrate(&this->ike_delete->task, ike_sa);
	79	this->ike_sa = ike_sa;
	80	}
	81
7db8fd0d AS	82	METHOD(task_t, destroy, void,
7db8fd0d AS	83	private_ike_reauth_t *this)
04f4e82d MW	84	{
	85	this->ike_delete->task.destroy(&this->ike_delete->task);
	86	free(this);
	87	}
	88
	89	/*
	90	* Described in header.
	91	*/
	92	ike_reauth_t ike_reauth_create(ike_sa_t ike_sa)
	93	{
7db8fd0d AS	94	private_ike_reauth_t *this;
	95
	96	INIT(this,
	97	.public = {
	98	.task = {
	99	.get_type = _get_type,
	100	.migrate = _migrate,
	101	.build = _build_i,
	102	.process = _process_i,
	103	.destroy = _destroy,
	104	},
	105	},
	106	.ike_sa = ike_sa,
	107	.ike_delete = ike_delete_create(ike_sa, TRUE),
	108	);
7daf5226	109
04f4e82d MW	110	return &this->public;
04f4e82d MW	111	}