Support inactivity timeout in IKEv1 CHILD_SAs

1 files changed, 24 insertions, 1 deletions

diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.c b/src/libcharon/sa/ikev1/tasks/quick_mode.c
index 6956dcb40..d8bc2884c 100755
--- a/src/libcharon/sa/ikev1/tasks/quick_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/quick_mode.c
@@ -26,6 +26,7 @@
 #include <encoding/payloads/payload.h>
 #include <sa/ikev1/tasks/informational.h>
 #include <sa/ikev1/tasks/quick_delete.h>
+#include <processing/jobs/inactivity_job.h>
 
 typedef struct private_quick_mode_t private_quick_mode_t;
 
@@ -137,6 +138,25 @@ struct private_quick_mode_t {
 };
 
 /**
+ * Schedule inactivity timeout for CHILD_SA with reqid, if enabled
+ */
+static void schedule_inactivity_timeout(private_quick_mode_t *this)
+{
+	u_int32_t timeout;
+	bool close_ike;
+
+	timeout = this->config->get_inactivity(this->config);
+	if (timeout)
+	{
+		close_ike = lib->settings->get_bool(lib->settings,
+										"charon.inactivity_close_ike", FALSE);
+		lib->scheduler->schedule_job(lib->scheduler, (job_t*)
+				inactivity_job_create(this->child_sa->get_reqid(this->child_sa),
+									  timeout, close_ike), timeout);
+	}
+}
+
+/**
  * Install negotiated CHILD_SA
  */
 static bool install(private_quick_mode_t *this)
@@ -257,8 +277,11 @@ static bool install(private_quick_mode_t *this)
 	{
 		charon->bus->child_updown(charon->bus, this->child_sa, TRUE);
 	}
+	if (!this->rekey)
+	{
+		schedule_inactivity_timeout(this);
+	}
 	this->child_sa = NULL;
-
 	return TRUE;
 }