* Initiate
*/
child_cfg->get_ref(child_cfg);
- if (ike_sa->initiate(ike_sa, child_cfg, 0, NULL, NULL) != SUCCESS)
+ if (ike_sa->initiate(ike_sa, child_cfg, 0, FALSE, NULL, NULL) != SUCCESS)
{
charon->bus->remove_listener(charon->bus, &priv->listener);
charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, ike_sa);
/* get an additional reference because initiate consumes one */
child_cfg->get_ref(child_cfg);
- if (ike_sa->initiate(ike_sa, child_cfg, 0, NULL, NULL) != SUCCESS)
+ if (ike_sa->initiate(ike_sa, child_cfg, 0, FALSE, NULL, NULL) != SUCCESS)
{
DBG1(DBG_CFG, "failed to initiate tunnel");
charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager,
}
peer_cfg->destroy(peer_cfg);
- if (ike_sa->initiate(ike_sa, listener->child_cfg, 0, NULL, NULL) == SUCCESS)
+ if (ike_sa->initiate(ike_sa, listener->child_cfg, 0, FALSE,
+ NULL, NULL) == SUCCESS)
{
if (!listener->logger.callback)
{
/* get an additional reference because initiate consumes one */
child_cfg->get_ref(child_cfg);
- if (ike_sa->initiate(ike_sa, child_cfg, 0, NULL, NULL) != SUCCESS)
+ if (ike_sa->initiate(ike_sa, child_cfg, 0, FALSE, NULL, NULL) != SUCCESS)
{
DBG1(DBG_CFG, "failed to initiate tunnel");
charon->bus->remove_listener(charon->bus, &this->public.listener);
METHOD(ike_sa_t, initiate, status_t,
private_ike_sa_t *this, child_cfg_t *child_cfg, u_int32_t reqid,
- traffic_selector_t *tsi, traffic_selector_t *tsr)
+ bool recreate, traffic_selector_t *tsi, traffic_selector_t *tsr)
{
bool defer_initiate = FALSE;
{
/* normal IKE_SA with CHILD_SA */
this->task_manager->queue_child(this->task_manager, child_cfg, reqid,
- tsi, tsr);
+ recreate, tsi, tsr);
#ifdef ME
if (this->peer_cfg->get_mediated_by(this->peer_cfg))
{
if (this->retry_initiate_queued)
{
this->retry_initiate_queued = FALSE;
- return initiate(this, NULL, 0, NULL, NULL);
+ return initiate(this, NULL, 0, FALSE, NULL, NULL);
}
return SUCCESS;
}
#ifdef ME
if (this->peer_cfg->is_mediation(this->peer_cfg))
{
- status = new->initiate(new, NULL, 0, NULL, NULL);
+ status = new->initiate(new, NULL, 0, FALSE, NULL, NULL);
}
else
#endif /* ME */
child_cfg->get_name(child_cfg));
child_cfg->get_ref(child_cfg);
status = new->initiate(new, child_cfg,
- child_sa->get_reqid(child_sa), NULL, NULL);
+ child_sa->get_reqid(child_sa), TRUE,
+ NULL, NULL);
break;
default:
continue;
other_tasks->adopt_child_tasks(other_tasks, this->task_manager);
if (new->get_state(new) == IKE_CREATED)
{
- status = new->initiate(new, NULL, 0, NULL, NULL);
+ status = new->initiate(new, NULL, 0, FALSE, NULL, NULL);
}
}
}
/*
- * Copyright (C) 2006-2012 Tobias Brunner
+ * Copyright (C) 2006-2013 Tobias Brunner
* Copyright (C) 2006 Daniel Roethlisberger
* Copyright (C) 2005-2009 Martin Willi
* Copyright (C) 2005 Jan Hutter
* to the CHILD_SA.
*
* @param child_cfg child config to create CHILD from
- * @param reqid reqid to use for CHILD_SA, 0 assigne uniquely
+ * @param reqid reqid to use for CHILD_SA, 0 assign uniquely
+ * @param recreate TRUE if recreating a previously established CHILD_SA
* @param tsi source of triggering packet
* @param tsr destination of triggering packet.
* @return
* - DESTROY_ME if initialization failed
*/
status_t (*initiate) (ike_sa_t *this, child_cfg_t *child_cfg,
- u_int32_t reqid, traffic_selector_t *tsi,
- traffic_selector_t *tsr);
+ u_int32_t reqid, bool recreate,
+ traffic_selector_t *tsi, traffic_selector_t *tsr);
/**
* Retry initiation of this IKE_SA after it got deferred previously.
"unestablished IKE_SA, ignored");
return FAILED;
}
- task = (task_t *)quick_mode_create(this->ike_sa, NULL,
+ task = (task_t *)quick_mode_create(this->ike_sa, NULL, FALSE,
NULL, NULL);
this->passive_tasks->insert_last(this->passive_tasks, task);
break;
enumerator->destroy(enumerator);
}
- if (new->initiate(new, NULL, 0, NULL, NULL) != DESTROY_ME)
+ if (new->initiate(new, NULL, 0, FALSE, NULL, NULL) != DESTROY_ME)
{
charon->ike_sa_manager->checkin(charon->ike_sa_manager, new);
this->ike_sa->set_state(this->ike_sa, IKE_REKEYING);
METHOD(task_manager_t, queue_child, void,
private_task_manager_t *this, child_cfg_t *cfg, u_int32_t reqid,
- traffic_selector_t *tsi, traffic_selector_t *tsr)
+ bool recreate, traffic_selector_t *tsi, traffic_selector_t *tsr)
{
quick_mode_t *task;
- task = quick_mode_create(this->ike_sa, cfg, tsi, tsr);
+ task = quick_mode_create(this->ike_sa, cfg, recreate, tsi, tsr);
task->use_reqid(task, reqid);
queue_task(this, &task->task);
{
child_sa->set_state(child_sa, CHILD_REKEYING);
cfg = child_sa->get_config(child_sa);
- task = quick_mode_create(this->ike_sa, cfg->get_ref(cfg),
+ task = quick_mode_create(this->ike_sa, cfg->get_ref(cfg), FALSE,
get_first_ts(child_sa, TRUE), get_first_ts(child_sa, FALSE));
task->use_reqid(task, child_sa->get_reqid(child_sa));
task->rekey(task, child_sa->get_spi(child_sa, TRUE));
case ACTION_RESTART:
child_cfg->get_ref(child_cfg);
this->ike_sa->initiate(this->ike_sa, child_cfg,
- child_sa->get_reqid(child_sa), NULL, NULL);
+ child_sa->get_reqid(child_sa), TRUE, NULL, NULL);
break;
case ACTION_ROUTE:
charon->traps->install(charon->traps,
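Review bot: The status returned by `initiate()` is dropped in this ACTION_RESTART branch, while the otherwise identical ACTION_RESTART hunk later in the diff assigns it to `status`. A reference is taken with `child_cfg->get_ref(child_cfg)` just before the call, and other call sites in this diff treat a non-SUCCESS or DESTROY_ME result as a reason to check in or destroy the IKE_SA, so a failed restart here goes unnoticed. If the enclosing function (which starts and ends outside this hunk) has a status to return, capture the result; if ignoring it is deliberate, say so with a comment such as `/* result ignored: <reason> */`.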
/*
- * Copyright (C) 2012 Tobias Brunner
+ * Copyright (C) 2012-2013 Tobias Brunner
* Hochschule fuer Technik Rapperswil
*
* Copyright (C) 2011 Martin Willi
*/
bool udp;
+ /**
+ * TRUE if recreating a previously established CHILD_SA
+ */
+ bool recreate;
+
/** states of quick mode */
enum {
QM_INIT,
this->rekey = spi;
}
+METHOD(quick_mode_t, is_recreating, bool,
+ private_quick_mode_t *this)
+{
+ return this->recreate;
+}
+
METHOD(task_t, migrate, void,
private_quick_mode_t *this, ike_sa_t *ike_sa)
{
* Described in header.
*/
quick_mode_t *quick_mode_create(ike_sa_t *ike_sa, child_cfg_t *config,
- traffic_selector_t *tsi, traffic_selector_t *tsr)
+ bool recreate, traffic_selector_t *tsi,
+ traffic_selector_t *tsr)
{
private_quick_mode_t *this;
},
.use_reqid = _use_reqid,
.rekey = _rekey,
+ .is_recreating = _is_recreating,
},
.ike_sa = ike_sa,
.initiator = config != NULL,
.tsi = tsi ? tsi->clone(tsi) : NULL,
.tsr = tsr ? tsr->clone(tsr) : NULL,
.proto = PROTO_ESP,
+ .recreate = recreate,
);
if (config)
/*
+ * Copyright (C) 2013 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
* Copyright (C) 2011 Martin Willi
* Copyright (C) 2011 revosec AG
*
* @param spi spi of SA to rekey
*/
void (*rekey)(quick_mode_t *this, u_int32_t spi);
+
+ /**
+ * Whether this task recreates a previously established CHILD_SA.
+ */
+ bool (*is_recreating)(quick_mode_t *this);
};
/**
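Review bot: The new `is_recreating` member has no `@return` line, although the `rekey` member just above it documents its parameter. The implementation added in this diff simply returns the value handed to `quick_mode_create()`, so a line like `@return TRUE if the task was created with recreate set` would be accurate. The `is_recreating` member added to `child_create_t` further down has the same gap.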
*
* @param ike_sa IKE_SA this task works for
* @param config child_cfg if task initiator, NULL if responder
+ * @param recreate TRUE if recreating a previously established CHILD_SA
* @param tsi source of triggering packet, or NULL
* @param tsr destination of triggering packet, or NULL
* @return task to handle by the task_manager
*/
quick_mode_t *quick_mode_create(ike_sa_t *ike_sa, child_cfg_t *config,
- traffic_selector_t *tsi, traffic_selector_t *tsr);
+ bool recreate, traffic_selector_t *tsi,
+ traffic_selector_t *tsr);
#endif /** QUICK_MODE_H_ @}*/
task = (task_t*)ike_config_create(this->ike_sa, FALSE);
array_insert(this->passive_tasks, ARRAY_TAIL, task);
task = (task_t*)child_create_create(this->ike_sa, NULL, FALSE,
- NULL, NULL);
+ FALSE, NULL, NULL);
array_insert(this->passive_tasks, ARRAY_TAIL, task);
task = (task_t*)ike_auth_lifetime_create(this->ike_sa, FALSE);
array_insert(this->passive_tasks, ARRAY_TAIL, task);
else
{
task = (task_t*)child_create_create(this->ike_sa, NULL,
- FALSE, NULL, NULL);
+ FALSE, FALSE, NULL, NULL);
}
}
else
METHOD(task_manager_t, queue_child, void,
private_task_manager_t *this, child_cfg_t *cfg, u_int32_t reqid,
- traffic_selector_t *tsi, traffic_selector_t *tsr)
+ bool recreate, traffic_selector_t *tsi, traffic_selector_t *tsr)
{
child_create_t *task;
- task = child_create_create(this->ike_sa, cfg, FALSE, tsi, tsr);
+ task = child_create_create(this->ike_sa, cfg, FALSE, recreate, tsi, tsr);
if (reqid)
{
task->use_reqid(task, reqid);
/*
- * Copyright (C) 2008 Tobias Brunner
+ * Copyright (C) 2008-2013 Tobias Brunner
* Copyright (C) 2005-2008 Martin Willi
* Copyright (C) 2005 Jan Hutter
* Hochschule fuer Technik Rapperswil
* whether we are retrying with another DH group
*/
bool retry;
+
+ /**
+ * whether we are recreating a previously establishd CHILD_SA
+ */
+ bool recreate;
};
/**
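Review bot: The comment on the new `recreate` field misspells "established" as `establishd`. It should read `whether we are recreating a previously established CHILD_SA`, which also matches the wording used for the same field in the quick mode task.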
}
}
+METHOD(child_create_t, is_recreating, bool,
+ private_child_create_t *this)
+{
+ return this->recreate;
+}
+
METHOD(task_t, get_type, task_type_t,
private_child_create_t *this)
{
* Described in header.
*/
child_create_t *child_create_create(ike_sa_t *ike_sa,
- child_cfg_t *config, bool rekey,
+ child_cfg_t *config, bool rekey, bool recreate,
traffic_selector_t *tsi, traffic_selector_t *tsr)
{
private_child_create_t *this;
.set_config = _set_config,
.get_lower_nonce = _get_lower_nonce,
.use_reqid = _use_reqid,
+ .is_recreating = _is_recreating,
.task = {
.get_type = _get_type,
.migrate = _migrate,
.ipcomp_received = IPCOMP_NONE,
.rekey = rekey,
.retry = FALSE,
+ .recreate = recreate,
);
if (config)
/*
+ * Copyright (C) 2013 Tobias Brunner
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
*
* @param cfg configuration to enforce, reference gets owned
*/
void (*set_config)(child_create_t *this, child_cfg_t *cfg);
+
+ /**
+ * Whether this task recreates a previously established CHILD_SA.
+ */
+ bool (*is_recreating)(child_create_t *this);
};
/**
* @param ike_sa IKE_SA this task works for
* @param config child_cfg if task initiator, NULL if responder
* @param rekey whether we do a rekey or not
+ * @param recreate whether we recreate a previous CHILD_SA
* @param tsi source of triggering packet, or NULL
* @param tsr destination of triggering packet, or NULL
* @return child_create task to handle by the task_manager
*/
child_create_t *child_create_create(ike_sa_t *ike_sa,
- child_cfg_t *config, bool rekey,
+ child_cfg_t *config, bool rekey, bool recreate,
traffic_selector_t *tsi, traffic_selector_t *tsr);
#endif /** CHILD_CREATE_H_ @}*/
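Review bot: `rekey` and `recreate` are now two adjacent `bool` parameters of `child_create_create()`, so a call such as `child_create_create(ike_sa, NULL, TRUE, FALSE, NULL, NULL)` compiles just as well with the two values swapped, and the doc block does not say whether both may be TRUE. In the call sites visible in this diff, `rekey` TRUE is always paired with `recreate` FALSE, and `recreate` is only forwarded from `queue_child` with `rekey` FALSE. If that is the intended contract, state it, e.g. `@param recreate whether we recreate a previous CHILD_SA, FALSE when rekey is TRUE`. The wording could also match the other headers touched here (`TRUE if recreating a previously established CHILD_SA`).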
case ACTION_RESTART:
child_cfg->get_ref(child_cfg);
status = this->ike_sa->initiate(this->ike_sa, child_cfg,
- reqid, NULL, NULL);
+ reqid, TRUE, NULL, NULL);
break;
case ACTION_ROUTE:
charon->traps->install(charon->traps,
/* ... our CHILD_CREATE task does the hard work for us. */
if (!this->child_create)
{
- this->child_create = child_create_create(this->ike_sa,
- config->get_ref(config), TRUE, NULL, NULL);
+ config = config->get_ref(config);
+ this->child_create = child_create_create(this->ike_sa, config, TRUE,
+ FALSE, NULL, NULL);
}
reqid = this->child_sa->get_reqid(this->child_sa);
this->child_create->use_reqid(this->child_create, reqid);
this->public.task.build = _build_r;
this->public.task.process = _process_r;
this->initiator = FALSE;
- this->child_create = child_create_create(ike_sa, NULL, TRUE, NULL, NULL);
+ this->child_create = child_create_create(ike_sa, NULL, TRUE, FALSE,
+ NULL, NULL);
}
return &this->public;
/*
+ * Copyright (C) 2013 Tobias Brunner
* Copyright (C) 2006 Martin Willi
* Hochschule fuer Technik Rapperswil
*
*
* @param cfg CHILD_SA config to establish
* @param reqid reqid to use for CHILD_SA
+ * @param recreate TRUE if recreating a previously established CHILD_SA
* @param tsi initiator traffic selector, if packet-triggered
* @param tsr responder traffic selector, if packet-triggered
*/
void (*queue_child)(task_manager_t *this, child_cfg_t *cfg, u_int32_t reqid,
- traffic_selector_t *tsi, traffic_selector_t *tsr);
+ bool recreate, traffic_selector_t *tsi,
+ traffic_selector_t *tsr);
/**
* Queue CHILD_SA rekeying tasks.
* have a single TS that we can establish in a Quick Mode. */
src = dst = NULL;
}
- if (ike_sa->initiate(ike_sa, child, reqid, src, dst) != DESTROY_ME)
+ if (ike_sa->initiate(ike_sa, child, reqid, FALSE,
+ src, dst) != DESTROY_ME)
{
/* make sure the entry is still there */
this->lock->read_lock(this->lock);