Return to dpd_timeout_job.c CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libcharon / processing / jobs |
1.1 misho 1: /* 2: * Copyright (C) 2012 Martin Willi 3: * Copyright (C) 2012 revosec AG 4: * 5: * This program is free software; you can redistribute it and/or modify it 6: * under the terms of the GNU General Public License as published by the 7: * Free Software Foundation; either version 2 of the License, or (at your 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. 9: * 10: * This program is distributed in the hope that it will be useful, but 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 13: * for more details. 14: */ 15: 16: #include <stdlib.h> 17: 18: #include "dpd_timeout_job.h" 19: 20: #include <sa/ike_sa.h> 21: #include <daemon.h> 22: 23: 24: typedef struct private_dpd_timeout_job_t private_dpd_timeout_job_t; 25: 26: /** 27: * Private data 28: */ 29: struct private_dpd_timeout_job_t { 30: 31: /** 32: * public dpd_timeout_job_t interface 33: */ 34: dpd_timeout_job_t public; 35: 36: /** 37: * IKE_SA identifier 38: */ 39: ike_sa_id_t *ike_sa_id; 40: 41: /** 42: * Timestamp of first DPD check 43: */ 44: time_t check; 45: }; 46: 47: METHOD(job_t, destroy, void, 48: private_dpd_timeout_job_t *this) 49: { 50: this->ike_sa_id->destroy(this->ike_sa_id); 51: free(this); 52: } 53: 54: METHOD(job_t, execute, job_requeue_t, 55: private_dpd_timeout_job_t *this) 56: { 57: time_t use_time, current; 58: enumerator_t *enumerator; 59: child_sa_t *child_sa; 60: ike_sa_t *ike_sa; 61: 62: ike_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager, 63: this->ike_sa_id); 64: if (ike_sa) 65: { 66: if (ike_sa->get_state(ike_sa) == IKE_PASSIVE) 67: { 68: charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa); 69: return JOB_REQUEUE_NONE; 70: } 71: 72: use_time = ike_sa->get_statistic(ike_sa, STAT_INBOUND); 73: 74: enumerator = ike_sa->create_child_sa_enumerator(ike_sa); 75: while (enumerator->enumerate(enumerator, &child_sa)) 76: { 77: child_sa->get_usestats(child_sa, TRUE, ¤t, NULL, NULL); 78: use_time = max(use_time, current); 79: } 80: enumerator->destroy(enumerator); 81: 82: /* check if no incoming packet during timeout, reestablish SA */ 83: if (use_time < this->check) 84: { 85: DBG1(DBG_JOB, "DPD check timed out, enforcing DPD action"); 86: charon->bus->alert(charon->bus, ALERT_RETRANSMIT_SEND_TIMEOUT, NULL); 87: charon->bus->ike_updown(charon->bus, ike_sa, FALSE); 88: ike_sa->reestablish(ike_sa); 89: charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, 90: ike_sa); 91: } 92: else 93: { 94: charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa); 95: } 96: } 97: return JOB_REQUEUE_NONE; 98: } 99: 100: METHOD(job_t, get_priority, job_priority_t, 101: private_dpd_timeout_job_t *this) 102: { 103: return JOB_PRIO_HIGH; 104: } 105: 106: /* 107: * Described in header 108: */ 109: dpd_timeout_job_t *dpd_timeout_job_create(ike_sa_id_t *ike_sa_id) 110: { 111: private_dpd_timeout_job_t *this; 112: 113: INIT(this, 114: .public = { 115: .job_interface = { 116: .execute = _execute, 117: .get_priority = _get_priority, 118: .destroy = _destroy, 119: }, 120: }, 121: .ike_sa_id = ike_sa_id->clone(ike_sa_id), 122: .check = time_monotonic(NULL), 123: ); 124: 125: return &this->public; 126: }