]> git.ipfire.org Git - thirdparty/strongswan.git/blob - src/libcharon/processing/jobs/delete_ike_sa_job.c
projects / thirdparty / strongswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Update copyright headers after acquisition by secunet
[thirdparty/strongswan.git] / src / libcharon / processing / jobs / delete_ike_sa_job.c
1 /*
2 * Copyright (C) 2005-2006 Martin Willi
3 * Copyright (C) 2005 Jan Hutter
4 *
5 * Copyright (C) secunet Security Networks AG
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 #include "delete_ike_sa_job.h"
19
20 #include <daemon.h>
21
22 typedef struct private_delete_ike_sa_job_t private_delete_ike_sa_job_t;
23
24 /**
25 * Private data of an delete_ike_sa_job_t Object
26 */
27 struct private_delete_ike_sa_job_t {
28 /**
29 * public delete_ike_sa_job_t interface
30 */
31 delete_ike_sa_job_t public;
32
33 /**
34 * ID of the ike_sa to delete
35 */
36 ike_sa_id_t *ike_sa_id;
37
38 /**
39 * Should the IKE_SA be deleted if it is in ESTABLISHED state?
40 */
41 bool delete_if_established;
42 };
43
44
45 METHOD(job_t, destroy, void,
46 private_delete_ike_sa_job_t *this)
47 {
48 this->ike_sa_id->destroy(this->ike_sa_id);
49 free(this);
50 }
51
52 METHOD(job_t, execute, job_requeue_t,
53 private_delete_ike_sa_job_t *this)
54 {
55 ike_sa_t *ike_sa;
56
57 ike_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager,
58 this->ike_sa_id);
59 if (ike_sa)
60 {
61 if (ike_sa->get_state(ike_sa) == IKE_PASSIVE)
62 {
63 charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
64 return JOB_REQUEUE_NONE;
65 }
66 if (this->delete_if_established)
67 {
68 if (ike_sa->delete(ike_sa, FALSE) == DESTROY_ME)
69 {
70 charon->ike_sa_manager->checkin_and_destroy(
71 charon->ike_sa_manager, ike_sa);
72 }
73 else
74 {
75 charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
76 }
77 }
78 else
79 {
80 /* destroy IKE_SA only if it did not complete connecting phase */
81 if (ike_sa->get_state(ike_sa) != IKE_CONNECTING)
82 {
83 charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
84 }
85 else if (ike_sa->get_version(ike_sa) == IKEV1 &&
86 ike_sa->has_condition(ike_sa, COND_ORIGINAL_INITIATOR))
87 { /* as initiator we waited for the peer to initiate e.g. an
88 * XAuth exchange, reauth the SA to eventually trigger DPD */
89 DBG1(DBG_JOB, "peer did not initiate expected exchange, "
90 "reestablishing IKE_SA");
91 ike_sa->reauth(ike_sa);
92 charon->ike_sa_manager->checkin_and_destroy(
93 charon->ike_sa_manager, ike_sa);
94 }
95 else
96 {
97 DBG1(DBG_JOB, "deleting half open IKE_SA with %H after "
98 "timeout", ike_sa->get_other_host(ike_sa));
99 charon->bus->alert(charon->bus, ALERT_HALF_OPEN_TIMEOUT);
100 charon->ike_sa_manager->checkin_and_destroy(
101 charon->ike_sa_manager, ike_sa);
102 }
103 }
104 }
105 return JOB_REQUEUE_NONE;
106 }
107
108 METHOD(job_t, get_priority, job_priority_t,
109 private_delete_ike_sa_job_t *this)
110 {
111 return JOB_PRIO_MEDIUM;
112 }
113
114 /*
115 * Described in header
116 */
117 delete_ike_sa_job_t *delete_ike_sa_job_create(ike_sa_id_t *ike_sa_id,
118 bool delete_if_established)
119 {
120 private_delete_ike_sa_job_t *this;
121
122 INIT(this,
123 .public = {
124 .job_interface = {
125 .execute = _execute,
126 .get_priority = _get_priority,
127 .destroy = _destroy,
128 },
129 },
130 .ike_sa_id = ike_sa_id->clone(ike_sa_id),
131 .delete_if_established = delete_if_established,
132 );
133
134 return &(this->public);
135 }
Unnamed repository; edit this file 'description' to name the repository.