charon->backends->add_backend(charon->backends, &this->backend.public);
/* install an acquiring trap */
- this->trap = charon->traps->install(charon->traps, peer_cfg, child_cfg, 0);
+ charon->traps->install(charon->traps, peer_cfg, child_cfg);
}
METHOD(ha_tunnel_t, destroy, void,
}
this->creds.local->destroy(this->creds.local);
this->creds.remote->destroy(this->creds.remote);
- if (this->trap)
- {
- charon->traps->uninstall(charon->traps, HA_CFG_NAME, HA_CFG_NAME);
- }
+ charon->traps->uninstall(charon->traps, HA_CFG_NAME, HA_CFG_NAME);
free(this);
}
list->destroy(list);
}
-/**
- * Find an existing CHILD_SA/reqid
- */
-static uint32_t find_reqid(child_cfg_t *child_cfg)
-{
- enumerator_t *enumerator, *children;
- child_sa_t *child_sa;
- ike_sa_t *ike_sa;
- char *name;
- uint32_t reqid;
-
- reqid = charon->traps->find_reqid(charon->traps, child_cfg);
- if (reqid)
- { /* already trapped */
- return reqid;
- }
-
- name = child_cfg->get_name(child_cfg);
- enumerator = charon->controller->create_ike_sa_enumerator(
- charon->controller, TRUE);
- while (enumerator->enumerate(enumerator, &ike_sa))
- {
- children = ike_sa->create_child_sa_enumerator(ike_sa);
- while (children->enumerate(children, (void**)&child_sa))
- {
- if (streq(name, child_sa->get_name(child_sa)))
- {
- reqid = child_sa->get_reqid(child_sa);
- break;
- }
- }
- children->destroy(children);
- if (reqid)
- {
- break;
- }
- }
- enumerator->destroy(enumerator);
- return reqid;
-}
-
/**
* call charon to install a shunt or trap
*/
char *name, FILE *out)
{
ipsec_mode_t mode;
- uint32_t reqid;
mode = child_cfg->get_mode(child_cfg);
if (mode == MODE_PASS || mode == MODE_DROP)
}
else
{
- reqid = find_reqid(child_cfg);
- if (charon->traps->install(charon->traps, peer_cfg, child_cfg, reqid))
+ if (charon->traps->install(charon->traps, peer_cfg, child_cfg))
{
fprintf(out, "'%s' routed\n", name);
}
return FALSE;
}
-/**
- * Find reqid of an existing CHILD_SA
- */
-static uint32_t find_reqid(child_cfg_t *cfg)
-{
- enumerator_t *enumerator, *children;
- child_sa_t *child_sa;
- ike_sa_t *ike_sa;
- uint32_t reqid;
-
- reqid = charon->traps->find_reqid(charon->traps, cfg);
- if (reqid)
- { /* already trapped */
- return reqid;
- }
-
- enumerator = charon->controller->create_ike_sa_enumerator(
- charon->controller, TRUE);
- while (!reqid && enumerator->enumerate(enumerator, &ike_sa))
- {
- children = ike_sa->create_child_sa_enumerator(ike_sa);
- while (children->enumerate(children, &child_sa))
- {
- if (streq(cfg->get_name(cfg), child_sa->get_name(child_sa)))
- {
- reqid = child_sa->get_reqid(child_sa);
- break;
- }
- }
- children->destroy(children);
- }
- enumerator->destroy(enumerator);
- return reqid;
-}
-
/**
* Perform start actions associated with a child config
*/
peer_cfg->get_name(peer_cfg), child_cfg);
break;
default:
- charon->traps->install(charon->traps, peer_cfg, child_cfg,
- find_reqid(child_cfg));
+ charon->traps->install(charon->traps, peer_cfg, child_cfg);
break;
}
break;
return builder->finalize(builder);
}
-/**
- * Find reqid of an existing CHILD_SA
- */
-static uint32_t find_reqid(child_cfg_t *cfg)
-{
- enumerator_t *enumerator, *children;
- child_sa_t *child_sa;
- ike_sa_t *ike_sa;
- uint32_t reqid;
-
- reqid = charon->traps->find_reqid(charon->traps, cfg);
- if (reqid)
- { /* already trapped */
- return reqid;
- }
-
- enumerator = charon->controller->create_ike_sa_enumerator(
- charon->controller, TRUE);
- while (!reqid && enumerator->enumerate(enumerator, &ike_sa))
- {
- children = ike_sa->create_child_sa_enumerator(ike_sa);
- while (children->enumerate(children, &child_sa))
- {
- if (streq(cfg->get_name(cfg), child_sa->get_name(child_sa)))
- {
- reqid = child_sa->get_reqid(child_sa);
- break;
- }
- }
- children->destroy(children);
- }
- enumerator->destroy(enumerator);
- return reqid;
-}
-
CALLBACK(install, vici_message_t*,
private_vici_control_t *this, char *name, u_int id, vici_message_t *request)
{
peer_cfg->get_name(peer_cfg), child_cfg);
break;
default:
- ok = charon->traps->install(charon->traps, peer_cfg, child_cfg,
- find_reqid(child_cfg));
+ ok = charon->traps->install(charon->traps, peer_cfg, child_cfg);
break;
}
peer_cfg->destroy(peer_cfg);
else
{
charon->traps->install(charon->traps, peer_cfg,
- child_cfg, 0);
+ child_cfg);
}
break;
case ACTION_NONE:
break;
case ACTION_ROUTE:
charon->traps->install(charon->traps, this->peer_cfg,
- child_sa->get_config(child_sa),
- child_sa->get_reqid(child_sa));
+ child_sa->get_config(child_sa));
break;
default:
break;
case ACTION_ROUTE:
charon->traps->install(charon->traps,
this->ike_sa->get_peer_cfg(this->ike_sa),
- child_cfg, child_sa->get_reqid(child_sa));
+ child_cfg);
break;
default:
break;
break;
case ACTION_ROUTE:
charon->traps->install(charon->traps,
- this->ike_sa->get_peer_cfg(this->ike_sa), child_cfg,
- reqid);
+ this->ike_sa->get_peer_cfg(this->ike_sa),
+ child_cfg);
break;
default:
break;
return found;
}
-METHOD(trap_manager_t, install, uint32_t,
- private_trap_manager_t *this, peer_cfg_t *peer, child_cfg_t *child,
- uint32_t reqid)
+METHOD(trap_manager_t, install, bool,
+ private_trap_manager_t *this, peer_cfg_t *peer, child_cfg_t *child)
{
entry_t *entry, *found = NULL;
ike_cfg_t *ike_cfg;
linked_list_t *proposals;
proposal_t *proposal;
protocol_id_t proto = PROTO_ESP;
- bool wildcard = FALSE;
+ bool result = FALSE, wildcard = FALSE;
/* try to resolve addresses */
ike_cfg = peer->get_ike_cfg(peer);
{
other->destroy(other);
DBG1(DBG_CFG, "installing trap failed, remote address unknown");
- return 0;
+ return FALSE;
}
else
{ /* depending on the traffic selectors we don't really need a remote
* which is probably not what users expect*/
DBG1(DBG_CFG, "installing trap failed, remote address unknown with "
"dynamic traffic selector");
- return 0;
+ return FALSE;
}
me = ike_cfg->resolve_me(ike_cfg, other ? other->get_family(other)
: AF_UNSPEC);
this->lock->unlock(this->lock);
other->destroy(other);
me->destroy(me);
- return 0;
+ return FALSE;
}
enumerator = this->traps->create_enumerator(this->traps);
while (enumerator->enumerate(enumerator, &entry))
this->lock->unlock(this->lock);
other->destroy(other);
me->destroy(me);
- return 0;
+ return FALSE;
}
/* config might have changed so update everything */
DBG1(DBG_CFG, "updating already routed CHILD_SA '%s'", found->name);
- reqid = found->child_sa->get_reqid(found->child_sa);
}
INIT(entry,
this->lock->unlock(this->lock);
/* create and route CHILD_SA */
- child_sa = child_sa_create(me, other, child, reqid, FALSE, 0, 0);
+ child_sa = child_sa_create(me, other, child, 0, FALSE, 0, 0);
list = linked_list_create_with_items(me, NULL);
my_ts = child->get_traffic_selectors(child, TRUE, NULL, list);
this->lock->unlock(this->lock);
entry->child_sa = child_sa;
destroy_entry(entry);
- reqid = 0;
}
else
{
- reqid = child_sa->get_reqid(child_sa);
this->lock->write_lock(this->lock);
entry->child_sa = child_sa;
this->lock->unlock(this->lock);
+ result = TRUE;
}
if (found)
{
this->installing--;
this->condvar->signal(this->condvar);
this->lock->unlock(this->lock);
- return reqid;
+ return result;
}
METHOD(trap_manager_t, uninstall, bool,
*
* @param peer peer configuration to initiate on trap
* @param child child configuration to install as a trap
- * @param reqid optional reqid to use
- * @return reqid of installed CHILD_SA, 0 if failed
+ * @return TRUE if successfully installed
*/
- uint32_t (*install)(trap_manager_t *this, peer_cfg_t *peer,
- child_cfg_t *child, uint32_t reqid);
+ bool (*install)(trap_manager_t *this, peer_cfg_t *peer, child_cfg_t *child);
/**
* Uninstall a trap policy.
projects / thirdparty / strongswan.git / commitdiff
