Annotation of embedaddon/strongswan/src/libcharon/processing/jobs/dpd_timeout_job.c, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2012 Martin Willi
! 3: * Copyright (C) 2012 revosec AG
! 4: *
! 5: * This program is free software; you can redistribute it and/or modify it
! 6: * under the terms of the GNU General Public License as published by the
! 7: * Free Software Foundation; either version 2 of the License, or (at your
! 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 9: *
! 10: * This program is distributed in the hope that it will be useful, but
! 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 13: * for more details.
! 14: */
! 15:
! 16: #include <stdlib.h>
! 17:
! 18: #include "dpd_timeout_job.h"
! 19:
! 20: #include <sa/ike_sa.h>
! 21: #include <daemon.h>
! 22:
! 23:
! 24: typedef struct private_dpd_timeout_job_t private_dpd_timeout_job_t;
! 25:
! 26: /**
! 27: * Private data
! 28: */
! 29: struct private_dpd_timeout_job_t {
! 30:
! 31: /**
! 32: * public dpd_timeout_job_t interface
! 33: */
! 34: dpd_timeout_job_t public;
! 35:
! 36: /**
! 37: * IKE_SA identifier
! 38: */
! 39: ike_sa_id_t *ike_sa_id;
! 40:
! 41: /**
! 42: * Timestamp of first DPD check
! 43: */
! 44: time_t check;
! 45: };
! 46:
! 47: METHOD(job_t, destroy, void,
! 48: private_dpd_timeout_job_t *this)
! 49: {
! 50: this->ike_sa_id->destroy(this->ike_sa_id);
! 51: free(this);
! 52: }
! 53:
! 54: METHOD(job_t, execute, job_requeue_t,
! 55: private_dpd_timeout_job_t *this)
! 56: {
! 57: time_t use_time, current;
! 58: enumerator_t *enumerator;
! 59: child_sa_t *child_sa;
! 60: ike_sa_t *ike_sa;
! 61:
! 62: ike_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager,
! 63: this->ike_sa_id);
! 64: if (ike_sa)
! 65: {
! 66: if (ike_sa->get_state(ike_sa) == IKE_PASSIVE)
! 67: {
! 68: charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
! 69: return JOB_REQUEUE_NONE;
! 70: }
! 71:
! 72: use_time = ike_sa->get_statistic(ike_sa, STAT_INBOUND);
! 73:
! 74: enumerator = ike_sa->create_child_sa_enumerator(ike_sa);
! 75: while (enumerator->enumerate(enumerator, &child_sa))
! 76: {
! 77: child_sa->get_usestats(child_sa, TRUE, ¤t, NULL, NULL);
! 78: use_time = max(use_time, current);
! 79: }
! 80: enumerator->destroy(enumerator);
! 81:
! 82: /* check if no incoming packet during timeout, reestablish SA */
! 83: if (use_time < this->check)
! 84: {
! 85: DBG1(DBG_JOB, "DPD check timed out, enforcing DPD action");
! 86: charon->bus->alert(charon->bus, ALERT_RETRANSMIT_SEND_TIMEOUT, NULL);
! 87: charon->bus->ike_updown(charon->bus, ike_sa, FALSE);
! 88: ike_sa->reestablish(ike_sa);
! 89: charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager,
! 90: ike_sa);
! 91: }
! 92: else
! 93: {
! 94: charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
! 95: }
! 96: }
! 97: return JOB_REQUEUE_NONE;
! 98: }
! 99:
! 100: METHOD(job_t, get_priority, job_priority_t,
! 101: private_dpd_timeout_job_t *this)
! 102: {
! 103: return JOB_PRIO_HIGH;
! 104: }
! 105:
! 106: /*
! 107: * Described in header
! 108: */
! 109: dpd_timeout_job_t *dpd_timeout_job_create(ike_sa_id_t *ike_sa_id)
! 110: {
! 111: private_dpd_timeout_job_t *this;
! 112:
! 113: INIT(this,
! 114: .public = {
! 115: .job_interface = {
! 116: .execute = _execute,
! 117: .get_priority = _get_priority,
! 118: .destroy = _destroy,
! 119: },
! 120: },
! 121: .ike_sa_id = ike_sa_id->clone(ike_sa_id),
! 122: .check = time_monotonic(NULL),
! 123: );
! 124:
! 125: return &this->public;
! 126: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>