From: Tobias Brunner Date: Tue, 28 Apr 2015 15:29:42 +0000 (+0200) Subject: redirect-job: Add job to redirect an active IKE_SA X-Git-Tag: 5.4.0dr8~12^2~13 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0d424d2107218a0fb03b05ca6981caa3d3be0721;p=thirdparty%2Fstrongswan.git redirect-job: Add job to redirect an active IKE_SA --- diff --git a/src/libcharon/Android.mk b/src/libcharon/Android.mk index cd78e28be6..0b09d100d1 100644 --- a/src/libcharon/Android.mk +++ b/src/libcharon/Android.mk @@ -59,6 +59,7 @@ processing/jobs/delete_child_sa_job.c processing/jobs/delete_child_sa_job.h \ processing/jobs/delete_ike_sa_job.c processing/jobs/delete_ike_sa_job.h \ processing/jobs/migrate_job.c processing/jobs/migrate_job.h \ processing/jobs/process_message_job.c processing/jobs/process_message_job.h \ +processing/jobs/redirect_job.c processing/jobs/redirect_job.h \ processing/jobs/rekey_child_sa_job.c processing/jobs/rekey_child_sa_job.h \ processing/jobs/rekey_ike_sa_job.c processing/jobs/rekey_ike_sa_job.h \ processing/jobs/retransmit_job.c processing/jobs/retransmit_job.h \ diff --git a/src/libcharon/Makefile.am b/src/libcharon/Makefile.am index 71ceed3795..062b96aff5 100644 --- a/src/libcharon/Makefile.am +++ b/src/libcharon/Makefile.am @@ -58,6 +58,7 @@ processing/jobs/delete_child_sa_job.c processing/jobs/delete_child_sa_job.h \ processing/jobs/delete_ike_sa_job.c processing/jobs/delete_ike_sa_job.h \ processing/jobs/migrate_job.c processing/jobs/migrate_job.h \ processing/jobs/process_message_job.c processing/jobs/process_message_job.h \ +processing/jobs/redirect_job.c processing/jobs/redirect_job.h \ processing/jobs/rekey_child_sa_job.c processing/jobs/rekey_child_sa_job.h \ processing/jobs/rekey_ike_sa_job.c processing/jobs/rekey_ike_sa_job.h \ processing/jobs/retransmit_job.c processing/jobs/retransmit_job.h \ diff --git a/src/libcharon/processing/jobs/redirect_job.c b/src/libcharon/processing/jobs/redirect_job.c new file mode 100644 index 0000000000..e1af662c92 --- /dev/null +++ b/src/libcharon/processing/jobs/redirect_job.c @@ -0,0 +1,106 @@ +/* + * Copyright (C) 2015 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include + +#include "redirect_job.h" + +typedef struct private_redirect_job_t private_redirect_job_t; + +/** + * Private data + */ +struct private_redirect_job_t { + + /** + * Public interface + */ + redirect_job_t public; + + /** + * ID of the IKE_SA to redirect + */ + ike_sa_id_t *ike_sa_id; + + /** + * Target gateway identity + */ + identification_t *gateway; +}; + + +METHOD(job_t, destroy, void, + private_redirect_job_t *this) +{ + this->ike_sa_id->destroy(this->ike_sa_id); + this->gateway->destroy(this->gateway); + free(this); +} + +METHOD(job_t, execute, job_requeue_t, + private_redirect_job_t *this) +{ + ike_sa_t *ike_sa; + + ike_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager, + this->ike_sa_id); + if (ike_sa) + { + if (ike_sa->get_state(ike_sa) == IKE_PASSIVE) + { + charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa); + return JOB_REQUEUE_NONE; + } + if (ike_sa->redirect(ike_sa, this->gateway) == DESTROY_ME) + { + charon->ike_sa_manager->checkin_and_destroy( + charon->ike_sa_manager, ike_sa); + } + else + { + charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa); + } + } + return JOB_REQUEUE_NONE; +} + +METHOD(job_t, get_priority, job_priority_t, + private_redirect_job_t *this) +{ + return JOB_PRIO_MEDIUM; +} + +/* + * Described in header + */ +redirect_job_t *redirect_job_create(ike_sa_id_t *ike_sa_id, + identification_t *gateway) +{ + private_redirect_job_t *this; + + INIT(this, + .public = { + .job_interface = { + .execute = _execute, + .get_priority = _get_priority, + .destroy = _destroy, + }, + }, + .ike_sa_id = ike_sa_id->clone(ike_sa_id), + .gateway = gateway->clone(gateway), + ); + + return &(this->public); +} diff --git a/src/libcharon/processing/jobs/redirect_job.h b/src/libcharon/processing/jobs/redirect_job.h new file mode 100644 index 0000000000..fe4b34ee9a --- /dev/null +++ b/src/libcharon/processing/jobs/redirect_job.h @@ -0,0 +1,51 @@ +/* + * Copyright (C) 2015 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup redirect_job redirect_job + * @{ @ingroup cjobs + */ + +#ifndef REDIRECT_JOB_H_ +#define REDIRECT_JOB_H_ + +typedef struct redirect_job_t redirect_job_t; + +#include +#include +#include + +/** + * Job used to redirect an IKE_SA. + */ +struct redirect_job_t { + + /** + * The job_t interface. + */ + job_t job_interface; +}; + +/** + * Creates a job to redirect an IKE_SA. + * + * @param ike_sa_id id of the IKE_SA to redirect (cloned) + * @param gateway gateway identity (IP or FQDN) of target (cloned) + * @return created redirect_job_t object + */ +redirect_job_t *redirect_job_create(ike_sa_id_t *ike_sa_id, + identification_t *gateway); + +#endif /** REDIRECT_JOB_H_ @}*/