rng_t *rng;
/**
- * Lock to access the RNG instance
+ * Registered callback for IKE SPIs
*/
- rwlock_t *rng_lock;
+ struct {
+ spi_cb_t cb;
+ void *data;
+ } spi_cb;
+
+ /**
+ * Lock to access the RNG instance and the callback
+ */
+ rwlock_t *spi_lock;
/**
* reuse existing IKE_SAs in checkout_by_config
{
u_int64_t spi;
- this->rng_lock->read_lock(this->rng_lock);
- if (!this->rng ||
- !this->rng->get_bytes(this->rng, sizeof(spi), (u_int8_t*)&spi))
+ this->spi_lock->read_lock(this->spi_lock);
+ if (this->spi_cb.cb)
+ {
+ spi = this->spi_cb.cb(this->spi_cb.data);
+ }
+ else if (!this->rng ||
+ !this->rng->get_bytes(this->rng, sizeof(spi), (u_int8_t*)&spi))
{
spi = 0;
}
- this->rng_lock->unlock(this->rng_lock);
+ this->spi_lock->unlock(this->spi_lock);
return spi;
}
return count;
}
+METHOD(ike_sa_manager_t, set_spi_cb, void,
+ private_ike_sa_manager_t *this, spi_cb_t callback, void *data)
+{
+ this->spi_lock->write_lock(this->spi_lock);
+ this->spi_cb.cb = callback;
+ this->spi_cb.data = data;
+ this->spi_lock->unlock(this->spi_lock);
+}
+
METHOD(ike_sa_manager_t, flush, void,
private_ike_sa_manager_t *this)
{
charon->bus->set_sa(charon->bus, NULL);
unlock_all_segments(this);
- this->rng_lock->write_lock(this->rng_lock);
+ this->spi_lock->write_lock(this->spi_lock);
this->rng->destroy(this->rng);
this->rng = NULL;
- this->rng_lock->unlock(this->rng_lock);
+ this->spi_cb.cb = NULL;
+ this->spi_cb.data = NULL;
+ this->spi_lock->unlock(this->spi_lock);
}
METHOD(ike_sa_manager_t, destroy, void,
free(this->connected_peers_segments);
free(this->init_hashes_segments);
- this->rng_lock->destroy(this->rng_lock);
+ this->spi_lock->destroy(this->spi_lock);
free(this);
}
.get_count = _get_count,
.get_half_open_count = _get_half_open_count,
.flush = _flush,
+ .set_spi_cb = _set_spi_cb,
.destroy = _destroy,
},
);
free(this);
return NULL;
}
- this->rng_lock = rwlock_create(RWLOCK_TYPE_DEFAULT);
+ this->spi_lock = rwlock_create(RWLOCK_TYPE_DEFAULT);
this->ikesa_limit = lib->settings->get_int(lib->settings,
"%s.ikesa_limit", 0, lib->ns);
/*
- * Copyright (C) 2008 Tobias Brunner
+ * Copyright (C) 2008-2015 Tobias Brunner
* Copyright (C) 2005-2008 Martin Willi
* Copyright (C) 2005 Jan Hutter
* Hochschule fuer Technik Rapperswil
#include <encoding/message.h>
#include <config/peer_cfg.h>
+/**
+ * Callback called to generate an IKE SPI.
+ *
+ * This may be called from multiple threads concurrently.
+ *
+ * @param data data supplied during registration of the callback
+ * @return allocated SPI, 0 on failure
+ */
+typedef u_int64_t (*spi_cb_t)(void *data);
+
/**
* Manages and synchronizes access to all IKE_SAs.
*
u_int (*get_half_open_count)(ike_sa_manager_t *this, host_t *ip,
bool responder_only);
+ /**
+ * Set the callback to generate IKE SPIs
+ *
+ * @param callback callback to register
+ * @param data data provided to callback
+ */
+ void (*set_spi_cb)(ike_sa_manager_t *this, spi_cb_t callback,
+ void *data);
+
/**
* Delete all existing IKE_SAs and destroy them immediately.
*
projects / thirdparty / strongswan.git / commitdiff
