author | Martin Willi <martin@strongswan.org> | 2006-05-29 11:09:45 +0000 |
---|---|---|
committer | Martin Willi <martin@strongswan.org> | 2006-05-29 11:09:45 +0000 |
commit | 9fe14f4b8a3ae487134854eb8ebdfcb49cea4027 (patch) | |
tree | efc4aa1a147e18e3b24b53e0d917e12e0b9a5cde /src/charon/threads/stroke_interface.c | |
parent | 4c59264d9b73d8eb2b29189cacd9ff3b60e2ec13 (diff) | |
- policies contain a connection's name now
- used for initiate and delete
- connections won't get initiated twice anymore
- deleting of connections is now possible, which allows us to use
ipsec update and ipsec reload
Diffstat (limited to 'src/charon/threads/stroke_interface.c')
-rwxr-xr-x | src/charon/threads/stroke_interface.c | 50 |
1 files changed, 44 insertions, 6 deletions
diff --git a/src/charon/threads/stroke_interface.c b/src/charon/threads/stroke_interface.c index 9110f5c24..9c41701d7 100755 --- a/src/charon/threads/stroke_interface.c +++ b/src/charon/threads/stroke_interface.c @@ -293,7 +293,6 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg) connection = connection_create(msg->add_conn.name, msg->add_conn.ikev2, my_host, other_host, - my_id->clone(my_id), other_id->clone(other_id), RSA_DIGITAL_SIGNATURE); proposal = proposal_create(1); proposal->add_algorithm(proposal, PROTO_IKE, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 16); @@ -317,7 +316,7 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg) other_host->get_address(other_host), other_id->get_string(other_id)); - policy = policy_create(my_id, other_id); + policy = policy_create(msg->add_conn.name, my_id, other_id); proposal = proposal_create(1); proposal->add_algorithm(proposal, PROTO_ESP, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 16); proposal->add_algorithm(proposal, PROTO_ESP, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0); 
@@ -331,12 +330,38 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg) } /** + * Delete a connection from the list + */ +static void stroke_del_conn(private_stroke_t *this, stroke_msg_t *msg) +{ + status_t status; + + pop_string(msg, &(msg->del_conn.name)); + this->logger->log(this->logger, CONTROL, "received stroke: delete \"%s\"", msg->del_conn.name); + + status = charon->connections->delete_connection(charon->connections, + msg->del_conn.name); + charon->policies->delete_policy(charon->policies, msg->del_conn.name); + if (status == SUCCESS) + { + this->stroke_logger->log(this->stroke_logger, CONTROL, + "Deleted connection '%s'", msg->del_conn.name); + } + else + { + this->stroke_logger->log(this->stroke_logger, ERROR, + "No connection named '%s'", msg->del_conn.name); + } +} + +/** * initiate a connection by name */ static void stroke_initiate(private_stroke_t *this, stroke_msg_t *msg) { initiate_ike_sa_job_t *job; connection_t *connection; + linked_list_t *ike_sas; pop_string(msg, &(msg->initiate.name)); this->logger->log(this->logger, CONTROL, "received stroke: initiate \"%s\"", msg->initiate.name); 
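Review bot: In stroke_del_conn the result of `charon->policies->delete_policy(charon->policies, msg->del_conn.name)` is discarded, so the reply sent to the stroke client depends on `delete_connection` alone. If the policy removal fails, the client is told "Deleted connection" while a policy with that name may still be loaded; in the reverse case it is told "No connection named" although a policy was removed. Assuming delete_policy returns a status_t like delete_connection (its declaration is not part of this diff), keep the value, e.g. `pol_status = charon->policies->delete_policy(charon->policies, msg->del_conn.name);`, and log an ERROR to stroke_logger when `pol_status != status`. A short doc comment stating that both stores are keyed by the same name, and that the two deletions are not atomic, would also help the next reader.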
@@ -348,10 +373,20 @@ static void stroke_initiate(private_stroke_t *this, stroke_msg_t *msg) /* only initiate if it is an IKEv2 connection, ignore IKEv1 */ else if (connection->is_ikev2(connection)) { - this->stroke_logger->log(this->stroke_logger, CONTROL, "initiating connection \"%s\" (see log)...", msg->initiate.name); - - job = initiate_ike_sa_job_create(connection); - charon->job_queue->add(charon->job_queue, (job_t*)job); + /* check for already set up IKE_SAs befor initiating */ + ike_sas = charon->ike_sa_manager->get_ike_sa_list_by_name(charon->ike_sa_manager, msg->initiate.name); + if (ike_sas->get_count(ike_sas) == 0) + { + this->stroke_logger->log(this->stroke_logger, CONTROL, "initiating connection \"%s\" (see log)...", msg->initiate.name); + job = initiate_ike_sa_job_create(connection); + charon->job_queue->add(charon->job_queue, (job_t*)job); + } + else + { + + this->stroke_logger->log(this->stroke_logger, CONTROL, "connection \"%s\" already up", msg->initiate.name); + } + ike_sas->destroy(ike_sas); } } @@ -621,6 +656,9 @@ static void stroke_receive(private_stroke_t *this) case STR_ADD_CONN: stroke_add_conn(this, msg); break; + case STR_DEL_CONN: + stroke_del_conn(this, msg); + break; case STR_LOGTYPE: stroke_logtype(this, msg); break; |
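Review bot: The new "already up" branch in stroke_initiate no longer hands `connection` to a job, and nothing in the hunk releases it. If the lookup earlier in the function (outside this hunk) returns a copy that the caller owns, every repeated initiate request for an established connection leaks one connection object; in that case the else branch needs `connection->destroy(connection);`. The list returned by get_ike_sa_list_by_name is also dereferenced without a NULL check, so confirm it returns an empty list rather than NULL when nothing matches. The count check and the job queueing are separate steps, so whether two close initiate requests can both see a count of 0 depends on how stroke_receive is threaded, which is not visible here.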