diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2008-11-03 07:08:59 +0000 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2008-11-03 07:08:59 +0000 |
| commit | 9c3398747149d456ff2a84c641014097e62408d9 (patch) | |
| tree | bc10eb74ba7a05dd10864bdf6dbe5e309c493d27 | |
| parent | cdf69f103a449b5af3c87e0608a731947c410dbe (diff) | |
| download | strongswan-9c3398747149d456ff2a84c641014097e62408d9.tar.bz2 strongswan-9c3398747149d456ff2a84c641014097e62408d9.tar.xz | |
migrate job creates a new IKE_SA
| -rw-r--r-- | src/charon/processing/jobs/migrate_job.c | 46 |
1 files changed, 35 insertions, 11 deletions
diff --git a/src/charon/processing/jobs/migrate_job.c b/src/charon/processing/jobs/migrate_job.c index c9c835d74..f7ec57685 100644 --- a/src/charon/processing/jobs/migrate_job.c +++ b/src/charon/processing/jobs/migrate_job.c @@ -86,7 +86,6 @@ static void execute(private_migrate_job_t *this) enumerator = charon->backends->create_peer_cfg_enumerator(charon->backends); while (enumerator->enumerate(enumerator, (void**)&peer_cfg)) { - ike_cfg_t *ike_cfg; child_cfg_t *child_cfg; if (peer_cfg->get_ike_version(peer_cfg) != 2) @@ -94,7 +93,6 @@ static void execute(private_migrate_job_t *this) continue; } - ike_cfg = peer_cfg->get_ike_cfg(peer_cfg); children = peer_cfg->create_child_cfg_enumerator(peer_cfg); while (children->enumerate(children, &child_cfg)) { @@ -112,23 +110,49 @@ static void execute(private_migrate_job_t *this) } } enumerator->destroy(enumerator); - if (found_cfg) + + if (found_cfg == NULL) + { + DBG1(DBG_JOB, "no matching child config found for policy %R === %R", + this->src_ts, this->dst_ts); + destroy(this); + return; + } + DBG1(DBG_JOB, "found matching child config '%s' for policy %R === %R", + found_cfg->get_name(found_cfg), + this->src_ts, this->dst_ts); + + ike_sa = charon->ike_sa_manager->checkout_by_config(charon->ike_sa_manager, + peer_cfg); + if (ike_sa->get_peer_cfg(ike_sa) == NULL) { - DBG1(DBG_JOB, "found matching child_cfg '%s'", - found_cfg->get_name(found_cfg)); + host_t *my_host, *other_host; + ike_cfg_t *ike_cfg; + + ike_sa->set_peer_cfg(ike_sa, peer_cfg); + ike_cfg = peer_cfg->get_ike_cfg(peer_cfg); + my_host = host_create_from_dns(ike_cfg->get_my_addr(ike_cfg), 0, 0); + other_host = host_create_from_dns(ike_cfg->get_other_addr(ike_cfg), 0, 0); + ike_sa->set_my_host(ike_sa, my_host); + ike_sa->set_other_host(ike_sa, other_host); } - else + if (this->local) { - DBG1(DBG_JOB, "no matching child_cfg found"); + ike_sa->set_my_host(ike_sa, this->local->clone(this->local)); } + /* add a CHILD_SA for 'found_cfg' with a policy that has already been + * installed in the kernel + */ } else { - DBG1(DBG_JOB, "migrate job found CHILD_SA with reqid {%d}", this->reqid); - - /* set my_host to local */ - charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa); + DBG1(DBG_JOB, "found CHILD_SA with reqid {%d}", this->reqid); + if (this->local) + { + ike_sa->set_my_host(ike_sa, this->local); + } } + charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa); destroy(this); } |