authorMartin Willi <martin@revosec.ch>2010-03-22 10:25:27 +0000
committerMartin Willi <martin@revosec.ch>2010-04-07 13:55:16 +0200
commit140418453a2287d286711ff8cddf30d8a4854111 (patch)
tree137b0d369ae0431c5ccd2df2f851aee3621a6376 /src
parent647008c8a7caa2f65b375a96d4080a884943d512 (diff)
Updated HA plugin to new APIs
Diffstat (limited to 'src')
-rw-r--r--src/libcharon/plugins/ha/Makefile.am3
-rw-r--r--src/libcharon/plugins/ha/ha_dispatcher.c64
-rw-r--r--src/libcharon/plugins/ha/ha_ike.c6
-rw-r--r--src/libcharon/plugins/ha/ha_message.c2
-rw-r--r--src/libcharon/plugins/ha/ha_message.h2
-rw-r--r--src/libcharon/plugins/ha/ha_plugin.c6
-rw-r--r--src/libcharon/plugins/ha/ha_plugin.h5
-rw-r--r--src/libcharon/plugins/ha/ha_segments.c3
-rw-r--r--src/libcharon/plugins/ha/ha_tunnel.c5
9 files changed, 42 insertions, 54 deletions
diff --git a/src/libcharon/plugins/ha/Makefile.am b/src/libcharon/plugins/ha/Makefile.am
index 9d321dc8f..74fe1f4c7 100644
--- a/src/libcharon/plugins/ha/Makefile.am
+++ b/src/libcharon/plugins/ha/Makefile.am
@@ -1,5 +1,6 @@
-INCLUDES = -I${linux_headers} -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libcharon
+INCLUDES = -I${linux_headers} -I$(top_srcdir)/src/libstrongswan \
+ -I$(top_srcdir)/src/libhydra -I$(top_srcdir)/src/libcharon
AM_CFLAGS = -rdynamic -DIPSEC_PIDDIR=\"${piddir}\"
diff --git a/src/libcharon/plugins/ha/ha_dispatcher.c b/src/libcharon/plugins/ha/ha_dispatcher.c
index 4acf7477a..7df2f1fa8 100644
--- a/src/libcharon/plugins/ha/ha_dispatcher.c
+++ b/src/libcharon/plugins/ha/ha_dispatcher.c
@@ -222,9 +222,6 @@ static void process_ike_update(private_ha_dispatcher_t *this,
case HA_REMOTE_ID:
ike_sa->set_other_id(ike_sa, value.id->clone(value.id));
break;
- case HA_EAP_ID:
- ike_sa->set_eap_identity(ike_sa, value.id->clone(value.id));
- break;
case HA_LOCAL_ADDR:
ike_sa->set_my_host(ike_sa, value.host->clone(value.host));
break;
@@ -359,12 +356,12 @@ static void process_child_add(private_ha_dispatcher_t *this,
ha_message_value_t value;
enumerator_t *enumerator;
ike_sa_t *ike_sa = NULL;
- char *config_name;
+ char *config_name = "";
child_cfg_t *config = NULL;
child_sa_t *child_sa;
proposal_t *proposal;
keymat_t *keymat;
- bool initiator, failed = FALSE;
+ bool initiator = FALSE, failed = FALSE;
u_int32_t inbound_spi = 0, outbound_spi = 0;
u_int16_t inbound_cpi = 0, outbound_cpi = 0;
u_int8_t mode = MODE_TUNNEL, ipcomp = 0;
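Review bot: Defaulting `initiator` to FALSE and `config_name` to `""` removes the uninitialized reads, but it also makes a sync message that lacks those attributes indistinguishable from one that carries them. `initiator` later decides which key pair is installed inbound and which outbound (the `if (initiator)` branch further down in process_child_add), so a message without that attribute would quietly install the CHILD_SA with the responder key assignment. Consider tracking presence explicitly, for example a `bool seen_initiator = FALSE;` set in the attribute loop, and failing the add when it is still unset. The attribute parsing is outside this hunk, so confirm that no earlier check already rejects such messages.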
@@ -475,22 +472,42 @@ static void process_child_add(private_ha_dispatcher_t *this,
child_sa->set_state(child_sa, CHILD_INSTALLING);
proposal->destroy(proposal);
+ /* TODO: Change CHILD_SA API to avoid cloning twice */
+ local_ts = linked_list_create();
+ remote_ts = linked_list_create();
+ enumerator = message->create_attribute_enumerator(message);
+ while (enumerator->enumerate(enumerator, &attribute, &value))
+ {
+ switch (attribute)
+ {
+ case HA_LOCAL_TS:
+ local_ts->insert_last(local_ts, value.ts->clone(value.ts));
+ break;
+ case HA_REMOTE_TS:
+ remote_ts->insert_last(remote_ts, value.ts->clone(value.ts));
+ break;
+ default:
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+
if (initiator)
{
- if (child_sa->install(child_sa, encr_r, integ_r,
- inbound_spi, inbound_cpi, TRUE) != SUCCESS ||
- child_sa->install(child_sa, encr_i, integ_i,
- outbound_spi, outbound_cpi, FALSE) != SUCCESS)
+ if (child_sa->install(child_sa, encr_r, integ_r, inbound_spi,
+ inbound_cpi, TRUE, local_ts, remote_ts) != SUCCESS ||
+ child_sa->install(child_sa, encr_i, integ_i, outbound_spi,
+ outbound_cpi, FALSE, local_ts, remote_ts) != SUCCESS)
{
failed = TRUE;
}
}
else
{
- if (child_sa->install(child_sa, encr_i, integ_i,
- inbound_spi, inbound_cpi, TRUE) != SUCCESS ||
- child_sa->install(child_sa, encr_r, integ_r,
- outbound_spi, outbound_cpi, FALSE) != SUCCESS)
+ if (child_sa->install(child_sa, encr_i, integ_i, inbound_spi,
+ inbound_cpi, TRUE, local_ts, remote_ts) != SUCCESS ||
+ child_sa->install(child_sa, encr_r, integ_r, outbound_spi,
+ outbound_cpi, FALSE, local_ts, remote_ts) != SUCCESS)
{
failed = TRUE;
}
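Review bot: Nothing checks that the message actually carried HA_LOCAL_TS and HA_REMOTE_TS before `local_ts` and `remote_ts` are handed to `install()`, so if either attribute is missing all four calls receive an empty list. What the new install() does with an empty selector list is not visible here, so it is safer to reject the message up front: set `failed = TRUE` and skip the install calls when `local_ts->get_count(local_ts) == 0 || remote_ts->get_count(remote_ts) == 0`. The moved `/* TODO: Change CHILD_SA API to avoid cloning twice */` comment should also be re-read against the new API, since the lists are now consumed by install() as well as add_policies(). process_child_add starts and ends outside this hunk.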
@@ -504,29 +521,12 @@ static void process_child_add(private_ha_dispatcher_t *this,
{
DBG1(DBG_CHD, "HA CHILD_SA installation failed");
child_sa->destroy(child_sa);
+ local_ts->destroy_offset(local_ts, offsetof(traffic_selector_t, destroy));
+ remote_ts->destroy_offset(remote_ts, offsetof(traffic_selector_t, destroy));
charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
return;
}
- /* TODO: Change CHILD_SA API to avoid cloning twice */
- local_ts = linked_list_create();
- remote_ts = linked_list_create();
- enumerator = message->create_attribute_enumerator(message);
- while (enumerator->enumerate(enumerator, &attribute, &value))
- {
- switch (attribute)
- {
- case HA_LOCAL_TS:
- local_ts->insert_last(local_ts, value.ts->clone(value.ts));
- break;
- case HA_REMOTE_TS:
- remote_ts->insert_last(remote_ts, value.ts->clone(value.ts));
- break;
- default:
- break;
- }
- }
- enumerator->destroy(enumerator);
child_sa->add_policies(child_sa, local_ts, remote_ts);
local_ts->destroy_offset(local_ts, offsetof(traffic_selector_t, destroy));
remote_ts->destroy_offset(remote_ts, offsetof(traffic_selector_t, destroy));
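Review bot: The two `destroy_offset` calls added to the failure branch repeat the teardown at the end of the function. Because the lists are now allocated before install(), every exit between the allocation and that final teardown has to remember to free them. Keeping the list teardown in one place, for example a small static helper called from both paths or a single cleanup label, would make a later early return less likely to leak the cloned selectors. The lines between the install calls and this branch are outside the hunk, so check that no other return sits there.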
diff --git a/src/libcharon/plugins/ha/ha_ike.c b/src/libcharon/plugins/ha/ha_ike.c
index 501c79b43..1f025d0e5 100644
--- a/src/libcharon/plugins/ha/ha_ike.c
+++ b/src/libcharon/plugins/ha/ha_ike.c
@@ -146,7 +146,6 @@ static bool ike_updown(private_ha_ike_t *this, ike_sa_t *ike_sa, bool up)
peer_cfg_t *peer_cfg;
u_int32_t extension, condition;
host_t *addr;
- identification_t *eap_id;
ike_sa_id_t *id;
peer_cfg = ike_sa->get_peer_cfg(ike_sa);
@@ -163,7 +162,6 @@ static bool ike_updown(private_ha_ike_t *this, ike_sa_t *ike_sa, bool up)
| copy_extension(ike_sa, EXT_MOBIKE)
| copy_extension(ike_sa, EXT_HASH_AND_URL);
- eap_id = ike_sa->get_eap_identity(ike_sa);
id = ike_sa->get_id(ike_sa);
m = ha_message_create(HA_IKE_UPDATE);
@@ -175,10 +173,6 @@ static bool ike_updown(private_ha_ike_t *this, ike_sa_t *ike_sa, bool up)
m->add_attribute(m, HA_CONDITIONS, condition);
m->add_attribute(m, HA_EXTENSIONS, extension);
m->add_attribute(m, HA_CONFIG_NAME, peer_cfg->get_name(peer_cfg));
- if (eap_id)
- {
- m->add_attribute(m, HA_EAP_ID, eap_id);
- }
iterator = ike_sa->create_additional_address_iterator(ike_sa);
while (iterator->iterate(iterator, (void**)&addr))
{
diff --git a/src/libcharon/plugins/ha/ha_message.c b/src/libcharon/plugins/ha/ha_message.c
index cd6c90af3..54b10f05d 100644
--- a/src/libcharon/plugins/ha/ha_message.c
+++ b/src/libcharon/plugins/ha/ha_message.c
@@ -154,7 +154,6 @@ static void add_attribute(private_ha_message_t *this,
/* identification_t* */
case HA_LOCAL_ID:
case HA_REMOTE_ID:
- case HA_EAP_ID:
{
identification_encoding_t *enc;
identification_t *id;
@@ -355,7 +354,6 @@ static bool attribute_enumerate(attribute_enumerator_t *this,
/* identification_t* */
case HA_LOCAL_ID:
case HA_REMOTE_ID:
- case HA_EAP_ID:
{
identification_encoding_t *enc;
diff --git a/src/libcharon/plugins/ha/ha_message.h b/src/libcharon/plugins/ha/ha_message.h
index c7bca086a..b2bc23724 100644
--- a/src/libcharon/plugins/ha/ha_message.h
+++ b/src/libcharon/plugins/ha/ha_message.h
@@ -73,8 +73,6 @@ enum ha_message_attribute_t {
HA_LOCAL_ID,
/** identification_t*, remote identity */
HA_REMOTE_ID,
- /** identification_t*, EAP identity */
- HA_EAP_ID,
/** host_t*, local address */
HA_LOCAL_ADDR,
/** host_t*, remote address */
diff --git a/src/libcharon/plugins/ha/ha_plugin.c b/src/libcharon/plugins/ha/ha_plugin.c
index 661db8af8..ea255c8ab 100644
--- a/src/libcharon/plugins/ha/ha_plugin.c
+++ b/src/libcharon/plugins/ha/ha_plugin.c
@@ -97,10 +97,10 @@ static void destroy(private_ha_plugin_t *this)
free(this);
}
-/*
- * see header file
+/**
+ * Plugin constructor
*/
-plugin_t *plugin_create()
+plugin_t *ha_plugin_create()
{
private_ha_plugin_t *this;
char *local, *remote, *secret;
diff --git a/src/libcharon/plugins/ha/ha_plugin.h b/src/libcharon/plugins/ha/ha_plugin.h
index e83712fa6..1ae2fe6dd 100644
--- a/src/libcharon/plugins/ha/ha_plugin.h
+++ b/src/libcharon/plugins/ha/ha_plugin.h
@@ -44,9 +44,4 @@ struct ha_plugin_t {
plugin_t plugin;
};
-/**
- * Create a ha_plugin instance.
- */
-plugin_t *plugin_create();
-
#endif /* HA_PLUGIN_H_ @}*/
diff --git a/src/libcharon/plugins/ha/ha_segments.c b/src/libcharon/plugins/ha/ha_segments.c
index 3575d05b8..2199671fc 100644
--- a/src/libcharon/plugins/ha/ha_segments.c
+++ b/src/libcharon/plugins/ha/ha_segments.c
@@ -17,7 +17,8 @@
#include <pthread.h>
-#include <utils/mutex.h>
+#include <threading/mutex.h>
+#include <threading/condvar.h>
#include <utils/linked_list.h>
#include <processing/jobs/callback_job.h>
diff --git a/src/libcharon/plugins/ha/ha_tunnel.c b/src/libcharon/plugins/ha/ha_tunnel.c
index 97a252dae..b3511e5f0 100644
--- a/src/libcharon/plugins/ha/ha_tunnel.c
+++ b/src/libcharon/plugins/ha/ha_tunnel.c
@@ -214,7 +214,8 @@ static void setup_tunnel(private_ha_tunnel_t *this,
charon->credentials->add_set(charon->credentials, &this->creds.public);
/* create config and backend */
- ike_cfg = ike_cfg_create(FALSE, FALSE, local, remote);
+ ike_cfg = ike_cfg_create(FALSE, FALSE, local, IKEV2_UDP_PORT,
+ remote, IKEV2_UDP_PORT);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
peer_cfg = peer_cfg_create("ha", 2, ike_cfg, CERT_NEVER_SEND,
UNIQUE_KEEP, 0, 86400, 0, 7200, 3600, FALSE, 30,
@@ -233,7 +234,7 @@ static void setup_tunnel(private_ha_tunnel_t *this,
peer_cfg->add_auth_cfg(peer_cfg, auth_cfg, FALSE);
child_cfg = child_cfg_create("ha", &lifetime, NULL, TRUE,
- MODE_TRANSPORT, ACTION_NONE, ACTION_NONE, FALSE);
+ MODE_TRANSPORT, ACTION_NONE, ACTION_NONE, FALSE, 0);
ts = traffic_selector_create_dynamic(IPPROTO_UDP, HA_PORT, HA_PORT);
child_cfg->add_traffic_selector(child_cfg, TRUE, ts);
ts = traffic_selector_create_dynamic(IPPROTO_ICMP, 0, 65535);
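Review bot: The new trailing `0` passed to `child_cfg_create()` is a bare literal after a run of positional flags, and nothing in the hunk says what it configures. A short comment at the call would help the next reader, for example `/* no inactivity timeout for the HA tunnel */` if that is what the added parameter means; confirm against the updated child_cfg.h. This matters here because the tunnel carries the HA sync traffic, so a reader auditing its lifetime and teardown behaviour should not have to count arguments. setup_tunnel continues outside the hunk.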