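/*
 * Copyright (C) 2008 Andreas Steffen
 * HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 * for more details.
 */

#include "migrate_job.h"

#include <daemon.h>

#include <config/child_cfg.h>


typedef struct private_migrate_job_t private_migrate_job_t;

/**
 * Private data of a migrate_job_t object.
 *
 * All four pointer members are released by destroy(), so the job owns
 * whatever was handed to migrate_job_create().
 */
struct private_migrate_job_t {
	/**
	 * Public migrate_job_t interface.
	 */
	migrate_job_t public;

	/**
	 * reqid of the CHILD_SA if it already exists
	 */
	uint32_t reqid;

	/**
	 * source traffic selector (stored and destroyed, not read by execute())
	 */
	traffic_selector_t *src_ts;

	/**
	 * destination traffic selector (stored and destroyed, not read by
	 * execute())
	 */
	traffic_selector_t *dst_ts;

	/**
	 * local host address to be used for IKE
	 */
	host_t *local;

	/**
	 * remote host address to be used for IKE
	 */
	host_t *remote;
};

/**
 * Release the job and everything it owns.
 *
 * DESTROY_IF is used for every member, i.e. each of them is allowed to be
 * NULL at this point.
 */
METHOD(job_t, destroy, void,
	private_migrate_job_t *this)
{
	DESTROY_IF(this->src_ts);
	DESTROY_IF(this->dst_ts);
	DESTROY_IF(this->local);
	DESTROY_IF(this->remote);
	free(this);
}

/**
 * Move every IKE_SA that has a CHILD_SA with the job's reqid to the new
 * local/remote addresses.
 *
 * For each IKE_SA the first CHILD_SA whose reqid matches is selected. The
 * IKE_SA gets the new addresses (set_kmaddress, set_my_host, set_other_host)
 * and the CHILD_SA is updated in place. If the update is NOT_SUPPORTED the
 * CHILD_SA is rekeyed instead; on SUCCESS it is removed from and re-added to
 * the child_sa_manager. The outer loop is not left after a match, so all
 * IKE_SAs with a matching CHILD_SA are processed.
 *
 * @return		always JOB_REQUEUE_NONE
 */
METHOD(job_t, execute, job_requeue_t,
	private_migrate_job_t *this)
{
	enumerator_t *ike_sas, *children;
	ike_sa_t *ike_sa;

	/* The constructor stores local/remote without validation and destroy()
	 * tolerates NULL, but the code below dereferences both. Refuse to run
	 * with a missing address instead of crashing the daemon. */
	if (!this->local || !this->remote)
	{
		DBG1(DBG_JOB, "migrate job for reqid {%d} lacks local or remote "
			 "address, ignored", this->reqid);
		return JOB_REQUEUE_NONE;
	}

	ike_sas = charon->ike_sa_manager->create_enumerator(charon->ike_sa_manager,
														TRUE);
	while (ike_sas->enumerate(ike_sas, &ike_sa))
	{
		child_sa_t *current, *child_sa = NULL;
		linked_list_t *vips;
		status_t status;
		host_t *host;

		/* look for a CHILD_SA of this IKE_SA carrying the requested reqid */
		children = ike_sa->create_child_sa_enumerator(ike_sa);
		while (children->enumerate(children, &current))
		{
			if (current->get_reqid(current) == this->reqid)
			{
				child_sa = current;
				break;
			}
		}
		children->destroy(children);

		if (!child_sa)
		{
			continue;
		}

		DBG2(DBG_JOB, "found CHILD_SA with reqid {%d}", this->reqid);

		ike_sa->set_kmaddress(ike_sa, this->local, this->remote);

		/* The IKE_SA receives clones carrying the IKE ports; this->local and
		 * this->remote stay with the job and are freed in destroy().
		 * Presumably set_my_host()/set_other_host() take ownership of the
		 * clone - confirm against ike_sa.h. */
		host = this->local->clone(this->local);
		host->set_port(host, charon->socket->get_port(charon->socket, FALSE));
		ike_sa->set_my_host(ike_sa, host);

		/* NOTE(review): the remote port is fixed to IKEV2_UDP_PORT even when
		 * COND_NAT_ANY is set below - confirm this is intended. */
		host = this->remote->clone(this->remote);
		host->set_port(host, IKEV2_UDP_PORT);
		ike_sa->set_other_host(ike_sa, host);

		vips = linked_list_create_from_enumerator(
					ike_sa->create_virtual_ip_enumerator(ike_sa, TRUE));

		status = child_sa->update(child_sa, this->local, this->remote, vips,
								  ike_sa->has_condition(ike_sa, COND_NAT_ANY));
		switch (status)
		{
			case NOT_SUPPORTED:
				/* in-place update not possible, negotiate a new CHILD_SA */
				ike_sa->rekey_child_sa(ike_sa, child_sa->get_protocol(child_sa),
									   child_sa->get_spi(child_sa, TRUE));
				break;
			case SUCCESS:
				/* re-register the CHILD_SA with the manager after the update */
				charon->child_sa_manager->remove(charon->child_sa_manager,
												 child_sa);
				charon->child_sa_manager->add(charon->child_sa_manager,
											  child_sa, ike_sa);
				/* fall through */
			default:
				/* any other status is ignored without logging */
				break;
		}
		/* only the list is destroyed here, not the hosts it references */
		vips->destroy(vips);
	}
	ike_sas->destroy(ike_sas);
	return JOB_REQUEUE_NONE;
}

/**
 * Scheduling priority of this job.
 *
 * @return		always JOB_PRIO_MEDIUM
 */
METHOD(job_t, get_priority, job_priority_t,
	private_migrate_job_t *this)
{
	return JOB_PRIO_MEDIUM;
}

/*
 * Described in header
 *
 * The traffic selectors are stored as given when dir is POLICY_OUT and
 * swapped for any other direction. The job keeps the passed pointers and
 * destroys them in destroy(), so the caller must not release them afterwards.
 * None of the arguments is validated here.
 */
migrate_job_t *migrate_job_create(uint32_t reqid,
								  traffic_selector_t *src_ts,
								  traffic_selector_t *dst_ts,
								  policy_dir_t dir,
								  host_t *local, host_t *remote)
{
	private_migrate_job_t *this;

	INIT(this,
		.public = {
			.job_interface = {
				.execute = _execute,
				.get_priority = _get_priority,
				.destroy = _destroy,
			},
		},
		.reqid = reqid,
		.src_ts = (dir == POLICY_OUT) ? src_ts : dst_ts,
		.dst_ts = (dir == POLICY_OUT) ? dst_ts : src_ts,
		.local = local,
		.remote = remote,
	);

	return &this->public;
}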