return TRUE;
}
-METHOD(listener_t, ike_reestablish, bool,
- private_android_service_t *this, ike_sa_t *old, ike_sa_t *new)
+METHOD(listener_t, ike_reestablish_post, bool,
+ private_android_service_t *this, ike_sa_t *old, ike_sa_t *new,
+ bool initiated)
{
- if (this->ike_sa == old)
+ if (this->ike_sa == old && initiated)
{
this->ike_sa = new;
/* re-register hook to detect initiation failures */
.public = {
.listener = {
.ike_rekey = _ike_rekey,
- .ike_reestablish = _ike_reestablish,
+ .ike_reestablish_post = _ike_reestablish_post,
.ike_updown = _ike_updown,
.child_updown = _child_updown,
.alert = _alert,
this->mutex->unlock(this->mutex);
}
-METHOD(bus_t, ike_reestablish, void,
+METHOD(bus_t, ike_reestablish_pre, void,
private_bus_t *this, ike_sa_t *old, ike_sa_t *new)
{
enumerator_t *enumerator;
enumerator = this->listeners->create_enumerator(this->listeners);
while (enumerator->enumerate(enumerator, &entry))
{
- if (entry->calling || !entry->listener->ike_reestablish)
+ if (entry->calling || !entry->listener->ike_reestablish_pre)
{
continue;
}
entry->calling++;
- keep = entry->listener->ike_reestablish(entry->listener, old, new);
+ keep = entry->listener->ike_reestablish_pre(entry->listener, old, new);
+ entry->calling--;
+ if (!keep)
+ {
+ unregister_listener(this, entry, enumerator);
+ }
+ }
+ enumerator->destroy(enumerator);
+ this->mutex->unlock(this->mutex);
+}
+
+METHOD(bus_t, ike_reestablish_post, void,
+ private_bus_t *this, ike_sa_t *old, ike_sa_t *new, bool initiated)
+{
+ enumerator_t *enumerator;
+ entry_t *entry;
+ bool keep;
+
+ this->mutex->lock(this->mutex);
+ enumerator = this->listeners->create_enumerator(this->listeners);
+ while (enumerator->enumerate(enumerator, &entry))
+ {
+ if (entry->calling || !entry->listener->ike_reestablish_post)
+ {
+ continue;
+ }
+ entry->calling++;
+ keep = entry->listener->ike_reestablish_post(entry->listener, old, new,
+ initiated);
entry->calling--;
if (!keep)
{
.child_keys = _child_keys,
.ike_updown = _ike_updown,
.ike_rekey = _ike_rekey,
- .ike_reestablish = _ike_reestablish,
+ .ike_reestablish_pre = _ike_reestablish_pre,
+ .ike_reestablish_post = _ike_reestablish_post,
.child_updown = _child_updown,
.child_rekey = _child_rekey,
.authorize = _authorize,
/*
- * Copyright (C) 2012 Tobias Brunner
+ * Copyright (C) 2012-2014 Tobias Brunner
* Copyright (C) 2006-2009 Martin Willi
* Hochschule fuer Technik Rapperswil
*
void (*ike_rekey)(bus_t *this, ike_sa_t *old, ike_sa_t *new);
/**
- * IKE_SA reestablishing hook.
+ * IKE_SA reestablishing hook (before resolving hosts).
*
* @param old reestablished and obsolete IKE_SA
* @param new new IKE_SA replacing old
*/
- void (*ike_reestablish)(bus_t *this, ike_sa_t *old, ike_sa_t *new);
+ void (*ike_reestablish_pre)(bus_t *this, ike_sa_t *old, ike_sa_t *new);
+
+ /**
+ * IKE_SA reestablishing hook (after configuring and initiating the new
+ * IKE_SA).
+ *
+ * @param old reestablished and obsolete IKE_SA
+ * @param new new IKE_SA replacing old
+ * @param initiated TRUE if initiated successfully, FALSE otherwise
+ */
+ void (*ike_reestablish_post)(bus_t *this, ike_sa_t *old, ike_sa_t *new,
+ bool initiated);
/**
* CHILD_SA up/down hook.
/*
+ * Copyright (C) 2011-2014 Tobias Brunner
* Copyright (C) 2009 Martin Willi
* Hochschule fuer Technik Rapperswil
*
*/
bool (*ike_rekey)(listener_t *this, ike_sa_t *old, ike_sa_t *new);
+ /**
+ * Hook called when an initiator reestablishes an IKE_SA.
+ *
+ * This is invoked right after creating the new IKE_SA and setting the
+ * peer_cfg (and the old hosts), but before resolving the hosts anew.
+ * It is not invoked on the responder.
+ *
+ * @param old IKE_SA getting reestablished (is destroyed)
+ * @param new new IKE_SA replacing old (gets established)
+ * @return TRUE to stay registered, FALSE to unregister
+ */
+ bool (*ike_reestablish_pre)(listener_t *this, ike_sa_t *old, ike_sa_t *new);
+
/**
* Hook called when an initiator reestablishes an IKE_SA.
*
*
* @param old IKE_SA getting reestablished (is destroyed)
* @param new new IKE_SA replacing old (gets established)
+ * @param initiated TRUE if initiation was successful, FALSE otherwise
* @return TRUE to stay registered, FALSE to unregister
*/
- bool (*ike_reestablish)(listener_t *this, ike_sa_t *old, ike_sa_t *new);
+ bool (*ike_reestablish_post)(listener_t *this, ike_sa_t *old,
+ ike_sa_t *new, bool initiated);
/**
* Hook called when a CHILD_SA gets up or down.
new->set_other_host(new, host->clone(host));
host = this->my_host;
new->set_my_host(new, host->clone(host));
+ charon->bus->ike_reestablish_pre(charon->bus, &this->public, new);
/* resolve hosts but use the old addresses above as fallback */
resolve_hosts((private_ike_sa_t*)new);
/* if we already have a virtual IP, we reuse it */
if (status == DESTROY_ME)
{
+ charon->bus->ike_reestablish_post(charon->bus, &this->public, new,
+ FALSE);
charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, new);
status = FAILED;
}
else
{
- charon->bus->ike_reestablish(charon->bus, &this->public, new);
+ charon->bus->ike_reestablish_post(charon->bus, &this->public, new,
+ TRUE);
charon->ike_sa_manager->checkin(charon->ike_sa_manager, new);
status = SUCCESS;
}
projects / thirdparty / strongswan.git / commitdiff
