diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2017-03-21 15:56:02 +0100 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2017-05-23 18:46:49 +0200 |
| commit | ba0796fe75b1a8b6e23ff8543058baa909beae8f (patch) | |
| tree | 61a1a8b57462972eb23bced5dd5daef4d7c27a30 | |
| parent | 0cbf75eb941d5bd6b6ddfbe556c725d5105c0421 (diff) | |
| download | strongswan-ba0796fe75b1a8b6e23ff8543058baa909beae8f.tar.bz2 strongswan-ba0796fe75b1a8b6e23ff8543058baa909beae8f.tar.xz | |
delete-child-sa-job: Add new constructor that takes the unique ID of a CHILD_SA
This makes sure we delete the right SA in case the addresses got updated
in the mean time.
| -rw-r--r-- | src/libcharon/processing/jobs/delete_child_sa_job.c | 69 | ||||
| -rw-r--r-- | src/libcharon/processing/jobs/delete_child_sa_job.h | 13 |
2 files changed, 69 insertions, 13 deletions
diff --git a/src/libcharon/processing/jobs/delete_child_sa_job.c b/src/libcharon/processing/jobs/delete_child_sa_job.c index 70dbc1b4a..048b879f1 100644 --- a/src/libcharon/processing/jobs/delete_child_sa_job.c +++ b/src/libcharon/processing/jobs/delete_child_sa_job.c @@ -1,6 +1,7 @@ /* + * Copyright (C) 2017 Tobias Brunner * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -24,19 +25,19 @@ typedef struct private_delete_child_sa_job_t private_delete_child_sa_job_t; * Private data of an delete_child_sa_job_t object. */ struct private_delete_child_sa_job_t { - /** + /** * Public delete_child_sa_job_t interface. */ delete_child_sa_job_t public; /** - * protocol of the CHILD_SA (ESP/AH) + * Protocol of the CHILD_SA (ESP/AH) */ protocol_id_t protocol; /** - * inbound SPI of the CHILD_SA + * Inbound SPI of the CHILD_SA */ uint32_t spi; @@ -49,12 +50,17 @@ struct private_delete_child_sa_job_t { * Delete for an expired CHILD_SA */ bool expired; + + /** + * Unique ID of the CHILD_SA + */ + uint32_t id; }; METHOD(job_t, destroy, void, private_delete_child_sa_job_t *this) { - this->dst->destroy(this->dst); + DESTROY_IF(this->dst); free(this); } @@ -63,17 +69,37 @@ METHOD(job_t, execute, job_requeue_t, { ike_sa_t *ike_sa; - ike_sa = charon->child_sa_manager->checkout(charon->child_sa_manager, - this->protocol, this->spi, this->dst, NULL); - if (ike_sa == NULL) + if (this->id) { - DBG1(DBG_JOB, "CHILD_SA %N/0x%08x/%H not found for delete", - protocol_id_names, this->protocol, htonl(this->spi), this->dst); + child_sa_t *child_sa; + + ike_sa = charon->child_sa_manager->checkout_by_id( + charon->child_sa_manager, this->id, &child_sa); + if (!ike_sa) + { + DBG1(DBG_JOB, "CHILD_SA {%d} not found for delete", this->id); + } + else + { + this->spi = child_sa->get_spi(child_sa, TRUE); + this->protocol = child_sa->get_protocol(child_sa); + } } else { - ike_sa->delete_child_sa(ike_sa, this->protocol, this->spi, this->expired); + ike_sa = charon->child_sa_manager->checkout(charon->child_sa_manager, + this->protocol, this->spi, this->dst, NULL); + if (!ike_sa) + { + DBG1(DBG_JOB, "CHILD_SA %N/0x%08x/%H not found for delete", + protocol_id_names, this->protocol, htonl(this->spi), this->dst); + } + } + if (ike_sa) + { + ike_sa->delete_child_sa(ike_sa, this->protocol, this->spi, + this->expired); charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa); } return JOB_REQUEUE_NONE; @@ -109,3 +135,24 @@ delete_child_sa_job_t *delete_child_sa_job_create(protocol_id_t protocol, return &this->public; } + +/* + * Described in header + */ +delete_child_sa_job_t *delete_child_sa_job_create_id(uint32_t id) +{ + private_delete_child_sa_job_t *this; + + INIT(this, + .public = { + .job_interface = { + .execute = _execute, + .get_priority = _get_priority, + .destroy = _destroy, + }, + }, + .id = id, + ); + + return &this->public; +} diff --git a/src/libcharon/processing/jobs/delete_child_sa_job.h b/src/libcharon/processing/jobs/delete_child_sa_job.h index 349f5debb..b2d5a11f6 100644 --- a/src/libcharon/processing/jobs/delete_child_sa_job.h +++ b/src/libcharon/processing/jobs/delete_child_sa_job.h @@ -1,6 +1,7 @@ /* + * Copyright (C) 2017 Tobias Brunner * Copyright (C) 2006 Martin Willi - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -42,7 +43,7 @@ struct delete_child_sa_job_t { }; /** - * Creates a job of type DELETE_CHILD_SA. + * Creates a job that deletes a CHILD_SA. * * @param protocol protocol of the CHILD_SA * @param spi security parameter index of the CHILD_SA @@ -53,4 +54,12 @@ struct delete_child_sa_job_t { delete_child_sa_job_t *delete_child_sa_job_create(protocol_id_t protocol, uint32_t spi, host_t *dst, bool expired); +/** + * Creates a job that deletes a CHILD_SA identified by its unique ID. + * + * @param id unique ID of the CHILD_SA + * @return delete_child_sa_job_t object + */ +delete_child_sa_job_t *delete_child_sa_job_create_id(uint32_t id); + #endif /** DELETE_CHILD_SA_JOB_H_ @}*/ |