charon->kernel->expire(charon->kernel, protocol, spi, dst, hard);
}
+METHOD(kernel_ipsec_t, get_features, kernel_feature_t,
+ private_kernel_android_ipsec_t *this)
+{
+ return KERNEL_SA_USE_TIME;
+}
+
METHOD(kernel_ipsec_t, get_spi, status_t,
private_kernel_android_ipsec_t *this, host_t *src, host_t *dst,
uint8_t protocol, uint32_t *spi)
INIT(this,
.public = {
.interface = {
+ .get_features = _get_features,
.get_spi = _get_spi,
.get_cpi = _get_cpi,
.add_sa = _add_sa,
KERNEL_NO_POLICY_UPDATES = (1<<3),
/** IPsec backend supports installing SPIs on policies */
KERNEL_POLICY_SPI = (1<<4),
+ /** IPsec backend reports use time per SA via query_sa() */
+ KERNEL_SA_USE_TIME = (1<<5),
};
/**
kernel_ipsec_update_sa_t *data);
/**
- * Query the number of bytes processed by an SA from the SAD.
+ * Query the number of bytes and packets processed by an SA from the SAD.
+ *
+ * Some implementations may also return the last use time (as indicated by
+ * get_features()). This is a monotonic timestamp as returned by
+ * time_monotonic().
*
* @param id data identifying this SA
* @param data data to query the SA
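Review bot: The reworded query_sa() comment does not say what the time output holds when the backend does not advertise KERNEL_SA_USE_TIME, or when the SA has never been used. The PF_KEY implementation later in this commit writes 0 in its non-Apple branch, so 0 appears to be the de-facto sentinel. A caller that compares this value against time_monotonic() for idle or liveness decisions needs that stated, so I would spell it out on the output parameter, e.g. `@param[out] time last (monotonic) time of SA use, 0 if unsupported or never used`. The identical comment in the second header hunk needs the same wording. The parameter list continues outside this hunk, so the current text of that line is not visible here.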
* Query the use time of a policy.
*
* The use time of a policy is the time the policy was used
- * for the last time.
+ * for the last time. This is a monotonic timestamp as returned by
+ * time_monotonic().
*
* @param id data identifying this policy
* @param data data to query the policy
- * @param[out] use_time the monotonic timestamp of this SA's last use
+ * @param[out] use_time the monotonic timestamp of this policy's last use
* @return SUCCESS if operation completed
*/
status_t (*query_policy)(kernel_interface_t *this,
kernel_ipsec_update_sa_t *data);
/**
- * Query the number of bytes processed by an SA from the SAD.
+ * Query the number of bytes and packets processed by an SA from the SAD.
+ *
+ * Some implementations may also return the last use time (as indicated by
+ * get_features()). This is a monotonic timestamp as returned by
+ * time_monotonic().
*
* @param id data identifying this SA
* @param data data to query the SA
* Query the use time of a policy.
*
* The use time of a policy is the time the policy was used for the last
- * time. It is not the system time, but a monotonic timestamp as returned
- * by time_monotonic.
+ * time. This is a monotonic timestamp as returned by time_monotonic().
*
* @param id data identifying this policy
* @param data data to query the policy
- * @param[out] use_time the monotonic timestamp of this SA's last use
+ * @param[out] use_time the monotonic timestamp of this policy's last use
* @return SUCCESS if operation completed
*/
status_t (*query_policy)(kernel_ipsec_t *this,
METHOD(kernel_ipsec_t, get_features, kernel_feature_t,
private_kernel_libipsec_ipsec_t *this)
{
- return KERNEL_REQUIRE_UDP_ENCAPSULATION | KERNEL_ESP_V3_TFC;
+ return KERNEL_REQUIRE_UDP_ENCAPSULATION | KERNEL_ESP_V3_TFC |
+ KERNEL_SA_USE_TIME;
}
METHOD(kernel_ipsec_t, get_spi, status_t,
return SUCCESS;
}
+METHOD(kernel_ipsec_t, get_features, kernel_feature_t,
+ private_kernel_pfkey_ipsec_t *this)
+{
+#ifdef __APPLE__
+ return KERNEL_SA_USE_TIME;
+#else
+ return 0;
+#endif
+}
+
METHOD(kernel_ipsec_t, get_spi, status_t,
private_kernel_pfkey_ipsec_t *this, host_t *src, host_t *dst,
uint8_t protocol, uint32_t *spi)
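Review bot: Advertising KERNEL_SA_USE_TIME under `__APPLE__` commits this backend to the contract the headers now document, a monotonic timestamp as returned by time_monotonic(). The Apple branch of query_sa() in the later hunk stores `response.lft_current->sadb_lifetime_usetime` unconverted. If that field is wall-clock time, as PF_KEY lifetimes usually are, callers comparing it with time_monotonic() would misjudge how recently the SA was used, which affects inactivity and liveness handling. I would convert the kernel value to the monotonic time base before storing it, leaving 0 untouched, or add a comment at that assignment explaining why the two clocks agree on this platform. The surrounding get_spi and query_sa bodies lie outside the visible hunks, so a conversion done elsewhere cannot be ruled out.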
/* OS X uses the "last" time of use in usetime */
*time = response.lft_current->sadb_lifetime_usetime;
#else /* !__APPLE__ */
- /* on Linux, sadb_lifetime_usetime is set to the "first" time of use,
- * which is actually correct according to PF_KEY. We have to query
- * policies for the last usetime. */
+ /* on Linux and FreeBSD, sadb_lifetime_usetime is set to the "first"
+ * time of use, which is actually correct according to PF_KEY. We have
+ * to query policies for the last usetime. */
*time = 0;
#endif /* !__APPLE__ */
}
INIT(this,
.public = {
.interface = {
+ .get_features = _get_features,
.get_spi = _get_spi,
.get_cpi = _get_cpi,
.add_sa = _add_sa,