Annotation of embedaddon/strongswan/src/libcharon/processing/jobs/dpd_timeout_job.c, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2012 Martin Willi
3: * Copyright (C) 2012 revosec AG
4: *
5: * This program is free software; you can redistribute it and/or modify it
6: * under the terms of the GNU General Public License as published by the
7: * Free Software Foundation; either version 2 of the License, or (at your
8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9: *
10: * This program is distributed in the hope that it will be useful, but
11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13: * for more details.
14: */
15:
16: #include <stdlib.h>
17:
18: #include "dpd_timeout_job.h"
19:
20: #include <sa/ike_sa.h>
21: #include <daemon.h>
22:
23:
24: typedef struct private_dpd_timeout_job_t private_dpd_timeout_job_t;
25:
26: /**
27: * Private data
28: */
29: struct private_dpd_timeout_job_t {
30:
31: /**
32: * public dpd_timeout_job_t interface
33: */
34: dpd_timeout_job_t public;
35:
36: /**
37: * IKE_SA identifier
38: */
39: ike_sa_id_t *ike_sa_id;
40:
41: /**
42: * Timestamp of first DPD check
43: */
44: time_t check;
45: };
46:
47: METHOD(job_t, destroy, void,
48: private_dpd_timeout_job_t *this)
49: {
50: this->ike_sa_id->destroy(this->ike_sa_id);
51: free(this);
52: }
53:
54: METHOD(job_t, execute, job_requeue_t,
55: private_dpd_timeout_job_t *this)
56: {
57: time_t use_time, current;
58: enumerator_t *enumerator;
59: child_sa_t *child_sa;
60: ike_sa_t *ike_sa;
61:
62: ike_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager,
63: this->ike_sa_id);
64: if (ike_sa)
65: {
66: if (ike_sa->get_state(ike_sa) == IKE_PASSIVE)
67: {
68: charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
69: return JOB_REQUEUE_NONE;
70: }
71:
72: use_time = ike_sa->get_statistic(ike_sa, STAT_INBOUND);
73:
74: enumerator = ike_sa->create_child_sa_enumerator(ike_sa);
75: while (enumerator->enumerate(enumerator, &child_sa))
76: {
77: child_sa->get_usestats(child_sa, TRUE, ¤t, NULL, NULL);
78: use_time = max(use_time, current);
79: }
80: enumerator->destroy(enumerator);
81:
82: /* check if no incoming packet during timeout, reestablish SA */
83: if (use_time < this->check)
84: {
85: DBG1(DBG_JOB, "DPD check timed out, enforcing DPD action");
86: charon->bus->alert(charon->bus, ALERT_RETRANSMIT_SEND_TIMEOUT, NULL);
87: charon->bus->ike_updown(charon->bus, ike_sa, FALSE);
88: ike_sa->reestablish(ike_sa);
89: charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager,
90: ike_sa);
91: }
92: else
93: {
94: charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
95: }
96: }
97: return JOB_REQUEUE_NONE;
98: }
99:
100: METHOD(job_t, get_priority, job_priority_t,
101: private_dpd_timeout_job_t *this)
102: {
103: return JOB_PRIO_HIGH;
104: }
105:
106: /*
107: * Described in header
108: */
109: dpd_timeout_job_t *dpd_timeout_job_create(ike_sa_id_t *ike_sa_id)
110: {
111: private_dpd_timeout_job_t *this;
112:
113: INIT(this,
114: .public = {
115: .job_interface = {
116: .execute = _execute,
117: .get_priority = _get_priority,
118: .destroy = _destroy,
119: },
120: },
121: .ike_sa_id = ike_sa_id->clone(ike_sa_id),
122: .check = time_monotonic(NULL),
123: );
124:
125: return &this->public;
126: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>