make IKEv1 DPD timeout configurable in charon

10 files changed, 28 insertions, 11 deletions

diff --git a/src/libcharon/plugins/android/android_service.c b/src/libcharon/plugins/android/android_service.c
index 62fd52b12..a25ca3612 100644
--- a/src/libcharon/plugins/android/android_service.c
+++ b/src/libcharon/plugins/android/android_service.c
@@ -277,7 +277,8 @@ static job_requeue_t initiate(private_android_service_t *this)
 							   UNIQUE_REPLACE, 1, /* keyingtries */
 							   36000, 0, /* rekey 10h, reauth none */
 							   600, 600, /* jitter, over 10min */
-							   TRUE, FALSE, 0, /* mobike, aggressive, DPD */
+							   TRUE, FALSE, /* mobike, aggressive */
+							   0, 0, /* DPD delay, timeout */
 							   host_create_from_string("0.0.0.0", 0) /* virt */,
 							   NULL, FALSE, NULL, NULL); /* pool, mediation */
 
diff --git a/src/libcharon/plugins/ha/ha_tunnel.c b/src/libcharon/plugins/ha/ha_tunnel.c
index 6f20620f2..6558ea3b7 100644
--- a/src/libcharon/plugins/ha/ha_tunnel.c
+++ b/src/libcharon/plugins/ha/ha_tunnel.c
@@ -208,7 +208,7 @@ static void setup_tunnel(private_ha_tunnel_t *this,
 	ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
 	peer_cfg = peer_cfg_create("ha", IKEV2, ike_cfg, CERT_NEVER_SEND,
 						UNIQUE_KEEP, 0, 86400, 0, 7200, 3600, FALSE, FALSE, 30,
-						NULL, NULL, FALSE, NULL, NULL);
+						0, NULL, NULL, FALSE, NULL, NULL);
 
 	auth_cfg = auth_cfg_create();
 	auth_cfg->add(auth_cfg, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PSK);
diff --git a/src/libcharon/plugins/load_tester/load_tester_config.c b/src/libcharon/plugins/load_tester/load_tester_config.c
index 47ce6fa71..75ac1ff49 100644
--- a/src/libcharon/plugins/load_tester/load_tester_config.c
+++ b/src/libcharon/plugins/load_tester/load_tester_config.c
@@ -95,6 +95,11 @@ struct private_load_tester_config_t {
 	u_int dpd_delay;
 
 	/**
+	 * DPD timeout (IKEv1 only)
+	 */
+	u_int dpd_timeout;
+
+	/**
 	 * incremental numbering of generated configs
 	 */
 	u_int num;
@@ -259,7 +264,8 @@ static peer_cfg_t* generate_config(private_load_tester_config_t *this, uint num)
 							   this->ike_rekey, 0, /* rekey, reauth */
 							   0, this->ike_rekey, /* jitter, overtime */
 							   FALSE, FALSE, /* mobike, aggressive mode */
-							   this->dpd_delay, /* dpddelay */
+							   this->dpd_delay,   /* dpd_delay */
+							   this->dpd_timeout, /* dpd_timeout */
 							   this->vip ? this->vip->clone(this->vip) : NULL,
 							   this->pool, FALSE, NULL, NULL);
 	if (num)
@@ -367,6 +373,8 @@ load_tester_config_t *load_tester_config_create()
 			"%s.plugins.load-tester.child_rekey", 600, charon->name);
 	this->dpd_delay = lib->settings->get_int(lib->settings,
 			"%s.plugins.load-tester.dpd_delay", 0, charon->name);
+	this->dpd_timeout = lib->settings->get_int(lib->settings,
+			"%s.plugins.load-tester.dpd_timeout", 0, charon->name);
 
 	this->initiator_auth = lib->settings->get_str(lib->settings,
 			"%s.plugins.load-tester.initiator_auth", "pubkey", charon->name);
diff --git a/src/libcharon/plugins/maemo/maemo_service.c b/src/libcharon/plugins/maemo/maemo_service.c
index 67d2b2984..1d1bb63d8 100644
--- a/src/libcharon/plugins/maemo/maemo_service.c
+++ b/src/libcharon/plugins/maemo/maemo_service.c
@@ -332,7 +332,8 @@ static gboolean initiate_connection(private_maemo_service_t *this,
 							   UNIQUE_REPLACE, 1, /* keyingtries */
 							   36000, 0, /* rekey 10h, reauth none */
 							   600, 600, /* jitter, over 10min */
-							   TRUE, FALSE, 0, /* mobike, aggressive, DPD */
+							   TRUE, FALSE, /* mobike, aggressive */
+							   0, 0, /* DPD delay, timeout */
 							   host_create_from_string("0.0.0.0", 0) /* virt */,
 							   NULL, FALSE, NULL, NULL); /* pool, mediation */
 
diff --git a/src/libcharon/plugins/medcli/medcli_config.c b/src/libcharon/plugins/medcli/medcli_config.c
index 7fa0152bd..3b99144f0 100644
--- a/src/libcharon/plugins/medcli/medcli_config.c
+++ b/src/libcharon/plugins/medcli/medcli_config.c
@@ -126,7 +126,8 @@ METHOD(backend_t, get_peer_cfg_by_name, peer_cfg_t*,
 		CERT_NEVER_SEND, UNIQUE_REPLACE,
 		1, this->rekey*60, 0,			/* keytries, rekey, reauth */
 		this->rekey*5, this->rekey*3,	/* jitter, overtime */
-		TRUE, FALSE, this->dpd,			/* mobike, aggressive, dpddelay */
+		TRUE, FALSE,					/* mobike, aggressive */
+		this->dpd, 0,					/* DPD delay, timeout */
 		NULL, NULL,						/* vip, pool */
 		TRUE, NULL, NULL);				/* mediation, med by, peer id */
 	e->destroy(e);
@@ -163,7 +164,8 @@ METHOD(backend_t, get_peer_cfg_by_name, peer_cfg_t*,
 		CERT_NEVER_SEND, UNIQUE_REPLACE,
 		1, this->rekey*60, 0,			/* keytries, rekey, reauth */
 		this->rekey*5, this->rekey*3,	/* jitter, overtime */
-		TRUE, FALSE, this->dpd,			/* mobike, aggressive, dpddelay */
+		TRUE, FALSE,					/* mobike, aggressive */
+		this->dpd, 0,					/* DPD delay, timeout */
 		NULL, NULL,						/* vip, pool */
 		FALSE, med_cfg,					/* mediation, med by */
 		identification_create_from_encoding(ID_KEY_ID, other));
@@ -238,7 +240,8 @@ METHOD(enumerator_t, peer_enumerator_enumerate, bool,
 				CERT_NEVER_SEND, UNIQUE_REPLACE,
 				1, this->rekey*60, 0,			/* keytries, rekey, reauth */
 				this->rekey*5, this->rekey*3,	/* jitter, overtime */
-				TRUE, FALSE, this->dpd,			/* mobike, aggr., dpddelay */
+				TRUE, FALSE,					/* mobike, aggressive */
+				this->dpd, 0,					/* DPD delay, timeout */
 				NULL, NULL,						/* vip, pool */
 				FALSE, NULL, NULL);				/* mediation, med by, peer id */
 
diff --git a/src/libcharon/plugins/medsrv/medsrv_config.c b/src/libcharon/plugins/medsrv/medsrv_config.c
index 366558ac2..42564734f 100644
--- a/src/libcharon/plugins/medsrv/medsrv_config.c
+++ b/src/libcharon/plugins/medsrv/medsrv_config.c
@@ -92,7 +92,8 @@ METHOD(backend_t, create_peer_cfg_enumerator, enumerator_t*,
 				CERT_NEVER_SEND, UNIQUE_REPLACE,
 				1, this->rekey*60, 0,			/* keytries, rekey, reauth */
 				this->rekey*5, this->rekey*3,	/* jitter, overtime */
-				TRUE, FALSE, this->dpd,			/* mobike, aggr., dpddelay */
+				TRUE, FALSE,					/* mobike, aggressiv */
+				this->dpd, 0,					/* DPD delay, timeout */
 				NULL, NULL,						/* vip, pool */
 				TRUE, NULL, NULL);				/* mediation, med by, peer id */
 			e->destroy(e);
diff --git a/src/libcharon/plugins/sql/sql_config.c b/src/libcharon/plugins/sql/sql_config.c
index b06bd3706..c2d4b6885 100644
--- a/src/libcharon/plugins/sql/sql_config.c
+++ b/src/libcharon/plugins/sql/sql_config.c
@@ -370,7 +370,7 @@ static peer_cfg_t *build_peer_cfg(private_sql_config_t *this, enumerator_t *e,
 			peer_cfg = peer_cfg_create(
 					name, IKEV2, ike, cert_policy, uniqueid,
 					keyingtries, rekeytime, reauthtime, jitter, overtime,
-					mobike, FALSE, dpd_delay, vip, pool,
+					mobike, FALSE, dpd_delay, 0, vip, pool,
 					mediation, mediated_cfg, peer_id);
 			auth = auth_cfg_create();
 			auth->add(auth, AUTH_RULE_AUTH_CLASS, auth_method);
diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c
index 89e1e0a91..6b8dc234b 100644
--- a/src/libcharon/plugins/stroke/stroke_config.c
+++ b/src/libcharon/plugins/stroke/stroke_config.c
@@ -661,7 +661,8 @@ static peer_cfg_t *build_peer_cfg(private_stroke_config_t *this,
 		msg->add_conn.version, ike_cfg,
 		msg->add_conn.me.sendcert, unique,
 		msg->add_conn.rekey.tries, rekey, reauth, jitter, over,
-		msg->add_conn.mobike, msg->add_conn.aggressive, msg->add_conn.dpd.delay,
+		msg->add_conn.mobike, msg->add_conn.aggressive,
+		msg->add_conn.dpd.delay, msg->add_conn.dpd.timeout,
 		vip, msg->add_conn.other.sourceip_mask ?
 							msg->add_conn.name : msg->add_conn.other.sourceip,
 		msg->add_conn.ikeme.mediation, mediated_by, peer_id);
diff --git a/src/libcharon/plugins/stroke/stroke_socket.c b/src/libcharon/plugins/stroke/stroke_socket.c
index 8a52e0eb0..daf244e74 100644
--- a/src/libcharon/plugins/stroke/stroke_socket.c
+++ b/src/libcharon/plugins/stroke/stroke_socket.c
@@ -234,6 +234,7 @@ static void stroke_add_conn(private_stroke_socket_t *this, stroke_msg_t *msg)
 	DBG2(DBG_CFG, "  ike=%s", msg->add_conn.algorithms.ike);
 	DBG2(DBG_CFG, "  esp=%s", msg->add_conn.algorithms.esp);
 	DBG2(DBG_CFG, "  dpddelay=%d", msg->add_conn.dpd.delay);
+	DBG2(DBG_CFG, "  dpdtimeout=%d", msg->add_conn.dpd.timeout);
 	DBG2(DBG_CFG, "  dpdaction=%d", msg->add_conn.dpd.action);
 	DBG2(DBG_CFG, "  closeaction=%d", msg->add_conn.close_action);
 	DBG2(DBG_CFG, "  mediation=%s", msg->add_conn.ikeme.mediation ? "yes" : "no");
diff --git a/src/libcharon/plugins/uci/uci_config.c b/src/libcharon/plugins/uci/uci_config.c
index b4e99c3f2..eb2c4b330 100644
--- a/src/libcharon/plugins/uci/uci_config.c
+++ b/src/libcharon/plugins/uci/uci_config.c
@@ -175,7 +175,8 @@ METHOD(enumerator_t, peer_enumerator_enumerate, bool,
 					name, IKEV2, ike_cfg, CERT_SEND_IF_ASKED, UNIQUE_NO,
 					1, create_rekey(ike_rekey), 0,  /* keytries, rekey, reauth */
 					1800, 900,						/* jitter, overtime */
-					TRUE, FALSE, 60,			/* mobike, aggr., dpddelay */
+					TRUE, FALSE,				/* mobike, aggressive */
+					60, 0,						/* DPD delay, timeout */
 					NULL, NULL,					/* vip, pool */
 					FALSE, NULL, NULL);			/* mediation, med by, peer id */
 		auth = auth_cfg_create();