libipsec: Add possibility to relay acquire events

author Tobias Brunner <tobias@strongswan.org>

Fri, 20 Sep 2013 06:43:46 +0000 (08:43 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Mon, 22 May 2023 14:15:49 +0000 (16:15 +0200)
author Tobias Brunner <tobias@strongswan.org>
Fri, 20 Sep 2013 06:43:46 +0000 (08:43 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Mon, 22 May 2023 14:15:49 +0000 (16:15 +0200)
diff --git a/src/libipsec/ipsec_event_listener.h b/src/libipsec/ipsec_event_listener.h

index c8b6db80ef58db45b63b0cd6b5667ade58c40cae..5d53109df79e81ae551b5e127435ad2d67de69f4 100644 (file)
--- a/src/libipsec/ipsec_event_listener.h
+++ b/src/libipsec/ipsec_event_listener.h
@@ -1,5 +1,5 @@
  /*
- * Copyright (C) 2012 Tobias Brunner
+ * Copyright (C) 2012-2013 Tobias Brunner
   *
   * Copyright (C) secunet Security Networks AG
   *
@@ -25,6 +25,7 @@
  typedef struct ipsec_event_listener_t ipsec_event_listener_t;
  
  #include <library.h>
+#include <selectors/traffic_selector.h>
  
  /**
   * Listener interface for IPsec events
@@ -42,6 +43,13 @@ struct ipsec_event_listener_t {
          * @param hard                  TRUE if this is a hard expire, FALSE otherwise
          */
         void (*expire)(uint8_t protocol, uint32_t spi, host_t *dst, bool hard);
+
+       /**
+        * Called when no IPsec SA is found for an outbound policy
+        *
+        * @param reqid                 reqid of the policy for which to acquire an SA
+        */
+       void (*acquire)(uint32_t reqid);
  };
  
  #endif /** IPSEC_EVENT_LISTENER_H_ @}*/
diff --git a/src/libipsec/ipsec_event_relay.c b/src/libipsec/ipsec_event_relay.c

index 6317089e16b1962f60b7b31ec3015852d8c2be7f..0f10795d168cd11832c2a06ba3b93953aa7b9043 100644 (file)
--- a/src/libipsec/ipsec_event_relay.c
+++ b/src/libipsec/ipsec_event_relay.c
@@ -1,5 +1,5 @@
  /*
- * Copyright (C) 2012 Tobias Brunner
+ * Copyright (C) 2012-2013 Tobias Brunner
   * Copyright (C) 2012 Giuliano Grassi
   * Copyright (C) 2012 Ralf Sager
   *
@@ -63,33 +63,30 @@ typedef struct {
          */
         enum {
                 IPSEC_EVENT_EXPIRE,
+               IPSEC_EVENT_ACQUIRE,
         } type;
  
         /**
-        * Protocol of the SA
-        */
-       uint8_t protocol;
-
-       /**
-        * SPI of the SA, if any
-        */
-       uint32_t spi;
-
-       /**
-        * SA destination address
-        */
-       host_t *dst;
-
-       /**
-        * Additional data for specific event types
+        * Data for specific event types
          */
         union {
  
                 struct {
+                       /** Protocol of the SA */
+                       uint8_t protocol;
+                       /** SPI of the SA */
+                       uint32_t spi;
+                       /** SA destination address */
+                       host_t *dst;
                         /** TRUE in case of a hard expire */
                         bool hard;
                 } expire;
  
+               struct {
+                       /** Reqid of the SA */
+                       uint32_t reqid;
+               } acquire;
+
         } data;
  
  } ipsec_event_t;
@@ -99,7 +96,14 @@ typedef struct {
   */
  static void ipsec_event_destroy(ipsec_event_t *event)
  {
-       event->dst->destroy(event->dst);
+       switch (event->type)
+       {
+               case IPSEC_EVENT_EXPIRE:
+                       event->data.expire.dst->destroy(event->data.expire.dst);
+                       break;
+               case IPSEC_EVENT_ACQUIRE:
+                       break;
+       }
         free(event);
  }
  
@@ -123,10 +127,18 @@ static job_requeue_t handle_events(private_ipsec_event_relay_t *this)
                         case IPSEC_EVENT_EXPIRE:
                                 if (current->expire)
                                 {
-                                       current->expire(event->protocol, event->spi, event->dst,
+                                       current->expire(event->data.expire.protocol,
+                                                                       event->data.expire.spi,
+                                                                       event->data.expire.dst,
                                                                         event->data.expire.hard);
                                 }
                                 break;
+                       case IPSEC_EVENT_ACQUIRE:
+                               if (current->acquire)
+                               {
+                                       current->acquire(event->data.acquire.reqid);
+                               }
+                               break;
                 }
         }
         enumerator->destroy(enumerator);
@@ -143,11 +155,11 @@ METHOD(ipsec_event_relay_t, expire, void,
  
         INIT(event,
                 .type = IPSEC_EVENT_EXPIRE,
-               .protocol = protocol,
-               .spi = spi,
-               .dst = dst->clone(dst),
                 .data = {
                         .expire = {
+                               .protocol = protocol,
+                               .spi = spi,
+                               .dst = dst->clone(dst),
                                 .hard = hard,
                         },
                 },
@@ -155,6 +167,22 @@ METHOD(ipsec_event_relay_t, expire, void,
         this->queue->enqueue(this->queue, event);
  }
  
+METHOD(ipsec_event_relay_t, acquire, void,
+       private_ipsec_event_relay_t *this, uint32_t reqid)
+{
+       ipsec_event_t *event;
+
+       INIT(event,
+               .type = IPSEC_EVENT_ACQUIRE,
+               .data = {
+                       .acquire = {
+                               .reqid = reqid,
+                       },
+               },
+       );
+       this->queue->enqueue(this->queue, event);
+}
+
  METHOD(ipsec_event_relay_t, register_listener, void,
         private_ipsec_event_relay_t *this, ipsec_event_listener_t *listener)
  {
@@ -190,6 +218,7 @@ ipsec_event_relay_t *ipsec_event_relay_create()
         INIT(this,
                 .public = {
                         .expire = _expire,
+                       .acquire = _acquire,
                         .register_listener = _register_listener,
                         .unregister_listener = _unregister_listener,
                         .destroy = _destroy,
diff --git a/src/libipsec/ipsec_event_relay.h b/src/libipsec/ipsec_event_relay.h

index 16bf3d95ab1a1859a00bc2abb99b5eb240eab72c..ee484f8790a5d43ba04b8a38a3831e83909543af 100644 (file)
--- a/src/libipsec/ipsec_event_relay.h
+++ b/src/libipsec/ipsec_event_relay.h
@@ -1,4 +1,5 @@
  /*
+ * Copyright (C) 2013 Tobias Brunner
   * Copyright (C) 2012 Giuliano Grassi
   * Copyright (C) 2012 Ralf Sager
   *
@@ -47,6 +48,13 @@ struct ipsec_event_relay_t {
         void (*expire)(ipsec_event_relay_t *this, uint8_t protocol, uint32_t spi,
                                    host_t *dst, bool hard);
  
+       /**
+        * Raise an acquire event.
+        *
+        * @param reqid                 reqid of the policy for which to acquire an SA
+        */
+       void (*acquire)(ipsec_event_relay_t *this, uint32_t reqid);
+
         /**
          * Register a listener to events raised by this manager
          *
author	Tobias Brunner <tobias@strongswan.org>
	Fri, 20 Sep 2013 06:43:46 +0000 (08:43 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Mon, 22 May 2023 14:15:49 +0000 (16:15 +0200)
src/libipsec/ipsec_event_listener.h		patch \| blob \| blame \| history
src/libipsec/ipsec_event_relay.c		patch \| blob \| blame \| history
src/libipsec/ipsec_event_relay.h		patch \| blob \| blame \| history