2 * Copyright (C) 2005-2006 Martin Willi
3 * Copyright (C) 2005 Jan Hutter
5 * Copyright (C) secunet Security Networks AG
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
18 #include "delete_ike_sa_job.h"
typedef struct private_delete_ike_sa_job_t private_delete_ike_sa_job_t;

/**
 * Private state behind a delete_ike_sa_job_t.
 */
struct private_delete_ike_sa_job_t {

	/**
	 * Public delete_ike_sa_job_t interface; its address is what
	 * delete_ike_sa_job_create() returns to the caller.
	 */
	delete_ike_sa_job_t public;

	/**
	 * ID of the IKE_SA this job acts on. The job stores its own clone of
	 * the ID and releases it in destroy().
	 */
	ike_sa_id_t *ike_sa_id;

	/**
	 * Selects the branch taken by execute(): if set, delete() is called on
	 * the IKE_SA without looking at IKE_CONNECTING; if not set, only an
	 * IKE_SA that is still in IKE_CONNECTING state is torn down. An IKE_SA
	 * in IKE_PASSIVE state is left alone in both cases.
	 */
	bool delete_if_established;
};
/**
 * job_t.destroy: release the IKE_SA ID held by the job, then the job itself.
 *
 * The ID is destroyed first because it is reached through this; after
 * free(this) the job must not be touched again.
 */
METHOD(job_t, destroy, void,
	private_delete_ike_sa_job_t *this)
{
	ike_sa_id_t *id = this->ike_sa_id;

	id->destroy(id);
	free(this);
}
/**
 * job_t.execute: check out the IKE_SA named by this->ike_sa_id and decide
 * whether it has to go.
 *
 *  - checkout yields nothing: no action.
 *  - IKE_PASSIVE: checked in again untouched.
 *  - delete_if_established set: delete() is called; the IKE_SA is destroyed
 *    only if delete() returns DESTROY_ME, otherwise it is checked in.
 *  - otherwise: an IKE_SA that is no longer IKE_CONNECTING is kept; one that
 *    is still connecting is destroyed, after a reauth() attempt for an IKEv1
 *    original initiator or after raising ALERT_HALF_OPEN_TIMEOUT in all
 *    other cases.
 *
 * Every path that obtained an IKE_SA hands it back to the manager exactly
 * once, through checkin() or checkin_and_destroy().
 *
 * @return		always JOB_REQUEUE_NONE, the job is never requeued
 */
METHOD(job_t, execute, job_requeue_t,
	private_delete_ike_sa_job_t *this)
{
	ike_sa_t *ike_sa;

	ike_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager,
											  this->ike_sa_id);
	if (!ike_sa)
	{	/* presumably the IKE_SA is already gone; nothing was checked out,
		 * so there is nothing to check in either */
		return JOB_REQUEUE_NONE;
	}
	if (ike_sa->get_state(ike_sa) == IKE_PASSIVE)
	{	/* passive IKE_SAs are exempt from this job */
		charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
		return JOB_REQUEUE_NONE;
	}
	if (this->delete_if_established)
	{
		if (ike_sa->delete(ike_sa, FALSE) != DESTROY_ME)
		{	/* delete() did not ask for destruction, keep the IKE_SA */
			charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
		}
		else
		{
			charon->ike_sa_manager->checkin_and_destroy(
												charon->ike_sa_manager, ike_sa);
		}
		return JOB_REQUEUE_NONE;
	}
	/* destroy IKE_SA only if it did not complete connecting phase */
	if (ike_sa->get_state(ike_sa) != IKE_CONNECTING)
	{
		charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
		return JOB_REQUEUE_NONE;
	}
	if (ike_sa->get_version(ike_sa) == IKEV1 &&
		ike_sa->has_condition(ike_sa, COND_ORIGINAL_INITIATOR))
	{	/* as initiator we waited for the peer to initiate e.g. an
		 * XAuth exchange, reauth the SA to eventually trigger DPD.
		 * The result of reauth() is not evaluated. */
		DBG1(DBG_JOB, "peer did not initiate expected exchange, "
			 "reestablishing IKE_SA");
		ike_sa->reauth(ike_sa);
	}
	else
	{	/* half-open timeout: log the peer address and raise the alert on
		 * the bus before the IKE_SA is dropped; what listeners do with the
		 * alert is not visible from here */
		DBG1(DBG_JOB, "deleting half open IKE_SA with %H after "
			 "timeout", ike_sa->get_other_host(ike_sa));
		charon->bus->alert(charon->bus, ALERT_HALF_OPEN_TIMEOUT);
	}
	/* both connecting-phase branches end by destroying the IKE_SA */
	charon->ike_sa_manager->checkin_and_destroy(
										charon->ike_sa_manager, ike_sa);
	return JOB_REQUEUE_NONE;
}
/**
 * job_t.get_priority: this job always reports JOB_PRIO_MEDIUM, independent
 * of the state stored in the job.
 */
METHOD(job_t, get_priority, job_priority_t,
	private_delete_ike_sa_job_t *this)
{
	job_priority_t prio = JOB_PRIO_MEDIUM;

	return prio;
}
/*
 * Described in header
 *
 * The job stores a clone of ike_sa_id rather than the passed pointer, so it
 * does not depend on the lifetime of the caller's object; the clone is
 * released in destroy(). ike_sa_id is dereferenced without a NULL check.
 */
delete_ike_sa_job_t *delete_ike_sa_job_create(ike_sa_id_t *ike_sa_id,
											  bool delete_if_established)
{
	private_delete_ike_sa_job_t *this;

	INIT(this,
		.public = {
			.job_interface = {
				.execute = _execute,
				.get_priority = _get_priority,
				.destroy = _destroy,
			},
		},
		.delete_if_established = delete_if_established,
		.ike_sa_id = ike_sa_id->clone(ike_sa_id),
	);

	/* callers only ever see the public part of the object */
	return &this->public;
}