diff options
| author | Martin Willi <martin@revosec.ch> | 2012-01-03 12:00:12 +0100 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2012-03-20 17:31:32 +0100 |
| commit | 4f49b06843038f933e69bf480ece37350f80b1fb (patch) | |
| tree | e5aeee01e66fcbddbf88b0e5a4a0fd5063308c07 | |
| parent | 17c64d5ff9bd2076883f4d5eea23923e61b857ff (diff) | |
| download | strongswan-4f49b06843038f933e69bf480ece37350f80b1fb.tar.bz2 strongswan-4f49b06843038f933e69bf480ece37350f80b1fb.tar.xz | |
Initiate IKEv1 reauthentication, take over all children
| -rw-r--r-- | src/libcharon/sa/ikev1/task_manager_v1.c | 48 |
1 files changed, 44 insertions, 4 deletions
diff --git a/src/libcharon/sa/ikev1/task_manager_v1.c b/src/libcharon/sa/ikev1/task_manager_v1.c index 3a6cf5163..7dbfb5c23 100644 --- a/src/libcharon/sa/ikev1/task_manager_v1.c +++ b/src/libcharon/sa/ikev1/task_manager_v1.c @@ -1118,16 +1118,56 @@ METHOD(task_manager_t, queue_ike, void, } } -METHOD(task_manager_t, queue_ike_rekey, void, +METHOD(task_manager_t, queue_ike_reauth, void, private_task_manager_t *this) { - /* TODO-IKEv1: IKE_SA rekeying */ + enumerator_t *enumerator; + child_sa_t *child_sa; + ike_sa_t *new; + host_t *host; + + new = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager, + this->ike_sa->get_version(this->ike_sa), TRUE); + if (!new) + { /* shouldn't happen */ + return; + } + + new->set_peer_cfg(new, this->ike_sa->get_peer_cfg(this->ike_sa)); + host = this->ike_sa->get_other_host(this->ike_sa); + new->set_other_host(new, host->clone(host)); + host = this->ike_sa->get_my_host(this->ike_sa); + new->set_my_host(new, host->clone(host)); + host = this->ike_sa->get_virtual_ip(this->ike_sa, TRUE); + if (host) + { + new->set_virtual_ip(new, TRUE, host); + } + + enumerator = this->ike_sa->create_child_sa_enumerator(this->ike_sa); + while (enumerator->enumerate(enumerator, &child_sa)) + { + this->ike_sa->remove_child_sa(this->ike_sa, enumerator); + new->add_child_sa(new, child_sa); + } + enumerator->destroy(enumerator); + + if (new->initiate(new, NULL, 0, NULL, NULL) != DESTROY_ME) + { + charon->ike_sa_manager->checkin(charon->ike_sa_manager, new); + } + else + { + charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, new); + DBG1(DBG_IKE, "reauthenticating IKE_SA failed"); + } + charon->bus->set_sa(charon->bus, this->ike_sa); } -METHOD(task_manager_t, queue_ike_reauth, void, +METHOD(task_manager_t, queue_ike_rekey, void, private_task_manager_t *this) { - /* TODO-IKEv1: IKE_SA reauth */ + queue_ike_reauth(this); } METHOD(task_manager_t, queue_ike_delete, void, |