[people/pmueller/ipfire-2.x.git] / src / patches / openswan-1.0.9-restart.patch

diff -rNu pluto.orig/constants.h pluto/constants.h
--- pluto.orig/constants.h	2004-07-21 16:33:16.000000000 +0200
+++ pluto/constants.h	2004-08-22 22:45:59.000000000 +0200
@@ -298,8 +298,9 @@
 /* Dead Peer Detection actions */
 
 enum dpd_action {
-  DPD_ACTION_CLEAR = 0,
-  DPD_ACTION_HOLD  = 1
+  DPD_ACTION_CLEAR    = 0,
+  DPD_ACTION_HOLD     = 1,
+  DPD_ACTION_RESTART  = 2
 };
 
 /* Timer events */
diff -rNu pluto.orig/ipsec_doi.c pluto/ipsec_doi.c
--- pluto.orig/ipsec_doi.c	2004-04-03 18:48:10.000000000 +0200
+++ pluto/ipsec_doi.c	2004-08-22 22:32:15.000000000 +0200
@@ -5504,7 +5528,7 @@
 
     action = st->st_connection->dpd_action;
 
-    passert(action == DPD_ACTION_HOLD || action == DPD_ACTION_CLEAR);
+    passert(action == DPD_ACTION_HOLD || action == DPD_ACTION_CLEAR || action == DPD_ACTION_RESTART);
 
     loglog(RC_LOG_SERIOUS, "DPD: Info: No response from peer - declaring peer dead");
 
@@ -5521,11 +5545,20 @@
 	   force an initiation of the conn again.  */
 	loglog(RC_LOG_SERIOUS, "DPD: Info: Putting connection into %%trap");
 
-    } else {
+    } else if(action == DPD_ACTION_CLEAR) {
 	/* dpdaction=clear - Wipe the SA, eroute - everything */
 
 	loglog(RC_LOG_SERIOUS, "DPD: Info: Clearing Connection");
 	unroute_connection(c);
+    } else {
+	/* dpdaction=clear - Wipe the SA, eroute - everything, then restart */
+
+	loglog(RC_LOG_SERIOUS, "DPD: Info: Restarting Connection");
+	unroute_connection(c);
+        if (c->kind == CK_PERMANENT) {
+            c->initiated = TRUE;
+            ipsecdoi_initiate(NULL_FD, c, c->policy, 1, SOS_NOBODY);
+        }
     }
 }
 #endif
diff -rNu pluto.orig/whack.c pluto/whack.c
--- pluto.orig/whack.c	2004-03-01 13:54:10.000000000 +0100
+++ pluto/whack.c	2004-08-22 22:34:56.000000000 +0200
@@ -1033,6 +1033,9 @@
 	    if( strcmp(optarg, "hold") == 0) {
 		    msg.dpd_action = DPD_ACTION_HOLD;
 	    }
+	    if( strcmp(optarg, "restart") == 0) {
+		    msg.dpd_action = DPD_ACTION_RESTART;
+	    }
 	    continue;
 
 #endif
@@ -1235,8 +1238,8 @@
 	    diag("dpddelay specified, but dpdtimeout is zero, both should be specified");
     if(!msg.dpd_delay && msg.dpd_timeout)
 	    diag("dpdtimeout specified, but dpddelay is zero, both should be specified");
-    if(msg.dpd_action != DPD_ACTION_CLEAR && msg.dpd_action != DPD_ACTION_HOLD) {
-	    diag("dpdaction can only be \"clear\" or \"hold\", defaulting to \"hold\"");
+    if(msg.dpd_action != DPD_ACTION_CLEAR && msg.dpd_action != DPD_ACTION_HOLD && msg.dpd_action != DPD_ACTION_RESTART) {
+	    diag("dpdaction can only be \"restart\", \"clear\" or \"hold\", defaulting to \"hold\"");
 	    msg.dpd_action = DPD_ACTION_HOLD;
     }
 #endif
Commit	Line	Data
cd1a2927 MT	1	diff -rNu pluto.orig/constants.h pluto/constants.h
	2	--- pluto.orig/constants.h 2004-07-21 16:33:16.000000000 +0200
	3	+++ pluto/constants.h 2004-08-22 22:45:59.000000000 +0200
	4	@@ -298,8 +298,9 @@
	5	/* Dead Peer Detection actions */
	6
	7	enum dpd_action {
	8	- DPD_ACTION_CLEAR = 0,
	9	- DPD_ACTION_HOLD = 1
	10	+ DPD_ACTION_CLEAR = 0,
	11	+ DPD_ACTION_HOLD = 1,
	12	+ DPD_ACTION_RESTART = 2
	13	};
	14
	15	/* Timer events */
	16	diff -rNu pluto.orig/ipsec_doi.c pluto/ipsec_doi.c
	17	--- pluto.orig/ipsec_doi.c 2004-04-03 18:48:10.000000000 +0200
	18	+++ pluto/ipsec_doi.c 2004-08-22 22:32:15.000000000 +0200
	19	@@ -5504,7 +5528,7 @@
	20
	21	action = st->st_connection->dpd_action;
	22
	23	- passert(action == DPD_ACTION_HOLD \|\| action == DPD_ACTION_CLEAR);
	24	+ passert(action == DPD_ACTION_HOLD \|\| action == DPD_ACTION_CLEAR \|\| action == DPD_ACTION_RESTART);
	25
	26	loglog(RC_LOG_SERIOUS, "DPD: Info: No response from peer - declaring peer dead");
	27
	28	@@ -5521,11 +5545,20 @@
	29	force an initiation of the conn again. */
	30	loglog(RC_LOG_SERIOUS, "DPD: Info: Putting connection into %%trap");
	31
	32	- } else {
	33	+ } else if(action == DPD_ACTION_CLEAR) {
	34	/* dpdaction=clear - Wipe the SA, eroute - everything */
	35
	36	loglog(RC_LOG_SERIOUS, "DPD: Info: Clearing Connection");
	37	unroute_connection(c);
	38	+ } else {
	39	+ /* dpdaction=clear - Wipe the SA, eroute - everything, then restart */
	40	+
	41	+ loglog(RC_LOG_SERIOUS, "DPD: Info: Restarting Connection");
	42	+ unroute_connection(c);
	43	+ if (c->kind == CK_PERMANENT) {
	44	+ c->initiated = TRUE;
	45	+ ipsecdoi_initiate(NULL_FD, c, c->policy, 1, SOS_NOBODY);
	46	+ }
	47	}
	48	}
	49	#endif
	50	diff -rNu pluto.orig/whack.c pluto/whack.c
	51	--- pluto.orig/whack.c 2004-03-01 13:54:10.000000000 +0100
	52	+++ pluto/whack.c 2004-08-22 22:34:56.000000000 +0200
	53	@@ -1033,6 +1033,9 @@
	54	if( strcmp(optarg, "hold") == 0) {
	55	msg.dpd_action = DPD_ACTION_HOLD;
	56	}
	57	+ if( strcmp(optarg, "restart") == 0) {
	58	+ msg.dpd_action = DPD_ACTION_RESTART;
	59	+ }
	60	continue;
	61
	62	#endif
	63	@@ -1235,8 +1238,8 @@
	64	diag("dpddelay specified, but dpdtimeout is zero, both should be specified");
65	if(!msg.dpd_delay && msg.dpd_timeout)
66	diag("dpdtimeout specified, but dpddelay is zero, both should be specified");
67	- if(msg.dpd_action != DPD_ACTION_CLEAR && msg.dpd_action != DPD_ACTION_HOLD) {
68	- diag("dpdaction can only be \"clear\" or \"hold\", defaulting to \"hold\"");
69	+ if(msg.dpd_action != DPD_ACTION_CLEAR && msg.dpd_action != DPD_ACTION_HOLD && msg.dpd_action != DPD_ACTION_RESTART) {
70	+ diag("dpdaction can only be \"restart\", \"clear\" or \"hold\", defaulting to \"hold\"");
71	msg.dpd_action = DPD_ACTION_HOLD;
72	}
73	#endif