kernel-wfp: Refactor route management to separate function
authorMartin Willi <martin@revosec.ch>
Wed, 9 Apr 2014 08:41:32 +0000 (10:41 +0200)
committerMartin Willi <martin@revosec.ch>
Wed, 4 Jun 2014 14:32:11 +0000 (16:32 +0200)
src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c

index 7a8b1487c0e264824bbfa5f8a9bb8daa5c74157c..eaf21fa6ae1a99037f5f3743c906ff66423c32a3 100644 (file)
@@ -1325,6 +1325,50 @@ static bool install_route(private_kernel_wfp_ipsec_t *this,
        return res;
 }
 
+/**
+ * (Un)-install a single route
+ */
+static bool manage_route(private_kernel_wfp_ipsec_t *this,
+                                                host_t *local, host_t *remote,
+                                                traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
+                                                bool add)
+{
+       host_t *src, *dst, *gtw;
+       u_int8_t mask;
+       bool done;
+
+       if (!dst_ts->to_subnet(dst_ts, &dst, &mask))
+       {
+               return FALSE;
+       }
+       if (hydra->kernel_interface->get_address_by_ts(hydra->kernel_interface,
+                                                                                               src_ts, &src, NULL) != SUCCESS)
+       {
+               dst->destroy(dst);
+               return FALSE;
+       }
+       gtw = hydra->kernel_interface->get_nexthop(hydra->kernel_interface,
+                                                                                          remote, local);
+       if (add)
+       {
+               done = install_route(this, dst, mask, src, gtw);
+       }
+       else
+       {
+               done = uninstall_route(this, dst, mask, src, gtw);
+       }
+       dst->destroy(dst);
+       src->destroy(src);
+       DESTROY_IF(gtw);
+
+       if (!done)
+       {
+               DBG1(DBG_KNL, "%sinstalling route for policy %R === %R failed",
+                        add ? "" : "un", src_ts, dst_ts);
+       }
+       return done;
+}
+
 /**
  * (Un)-install routes for IPsec policies
  */
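Review bot: The two early `return FALSE` paths in `manage_route()` (after `to_subnet()` fails and after `get_address_by_ts()` fails) are silent; only a failed `install_route()`/`uninstall_route()` reaches the `DBG1` at the end. The caller sees the same FALSE in all three cases, so a policy whose route was never attempted, or a route left behind on uninstall, leaves no trace in the log. A log line on those paths would make this diagnosable, for example `DBG2(DBG_KNL, "no local address found in %R, skipping route", src_ts);` before the second return. The doc comment could also state the contract, e.g. `@return TRUE if the route was (un-)installed`, and note that `local`/`remote` are only used for the next-hop lookup. `gtw` is released with `DESTROY_IF`, which suggests it can be NULL, so it is worth confirming that `install_route()` and `uninstall_route()` (bodies outside this hunk) accept a NULL gateway.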
@@ -1332,9 +1376,7 @@ static bool manage_routes(private_kernel_wfp_ipsec_t *this, entry_t *entry,
                                                  bool add)
 {
        enumerator_t *enumerator;
-       host_t *src, *dst, *gtw;
        sp_entry_t *sp;
-       u_int8_t mask;
 
        enumerator = array_create_enumerator(entry->sps);
        while (enumerator->enumerate(enumerator, &sp))
@@ -1347,45 +1389,11 @@ static bool manage_routes(private_kernel_wfp_ipsec_t *this, entry_t *entry,
                {
                        continue;
                }
-               if (!sp->dst->to_subnet(sp->dst, &dst, &mask))
-               {
-                       continue;
-               }
-               if (hydra->kernel_interface->get_address_by_ts(hydra->kernel_interface,
-                                                                                               sp->src, &src, NULL) != SUCCESS)
-               {
-                       dst->destroy(dst);
-                       continue;
-               }
-               gtw = hydra->kernel_interface->get_nexthop(hydra->kernel_interface,
-                                                                                                  entry->remote, entry->local);
-               if (add)
-               {
-                       if (install_route(this, dst, mask, src, gtw))
-                       {
-                               sp->route = TRUE;
-                       }
-                       else
-                       {
-                               DBG1(DBG_KNL, "installing route for policy %R === %R failed",
-                                        sp->src, sp->dst);
-                       }
-               }
-               else
+               if (manage_route(this, entry->local, entry->remote,
+                                                sp->src, sp->dst, add))
                {
-                       if (uninstall_route(this, dst, mask, src, gtw))
-                       {
-                               sp->route = FALSE;
-                       }
-                       else
-                       {
-                               DBG1(DBG_KNL, "uninstalling route for policy %R === %R failed",
-                                        sp->src, sp->dst);
-                       }
+                       sp->route = add;
                }
-               dst->destroy(dst);
-               src->destroy(src);
-               DESTROY_IF(gtw);
        }
        enumerator->destroy(enumerator);