diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2009-08-27 11:45:36 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2009-09-01 12:53:43 +0200 |
| commit | cb123493d13cbb90db694a58a12a74ae1f67c80e (patch) | |
| tree | bf2b462136e0cd9aee125bb475c8b51998a6cac0 /src | |
| parent | 888af96343504a4356a80d7c8119bdc11bd3e4a5 (diff) | |
| download | strongswan-cb123493d13cbb90db694a58a12a74ae1f67c80e.tar.bz2 strongswan-cb123493d13cbb90db694a58a12a74ae1f67c80e.tar.xz | |
child_sa_t adapted to the new lifetime configuration.
Diffstat (limited to 'src')
| -rw-r--r-- | src/charon/sa/child_sa.c | 34 |
1 files changed, 21 insertions, 13 deletions
diff --git a/src/charon/sa/child_sa.c b/src/charon/sa/child_sa.c index ed7df6513..99d15377e 100644 --- a/src/charon/sa/child_sa.c +++ b/src/charon/sa/child_sa.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2006-2008 Tobias Brunner + * Copyright (C) 2006-2009 Tobias Brunner * Copyright (C) 2005-2008 Martin Willi * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005 Jan Hutter @@ -547,7 +547,8 @@ static status_t install(private_child_sa_t *this, chunk_t encr, chunk_t integ, u_int32_t spi, u_int16_t cpi, bool inbound) { u_int16_t enc_alg = ENCR_UNDEFINED, int_alg = AUTH_UNDEFINED, size; - u_int32_t soft, hard, now; + time_t now; + lifetime_cfg_t *lifetime; host_t *src, *dst; status_t status; bool update = FALSE; @@ -585,23 +586,30 @@ static status_t install(private_child_sa_t *this, chunk_t encr, chunk_t integ, this->proposal->get_algorithm(this->proposal, INTEGRITY_ALGORITHM, &int_alg, &size); - soft = this->config->get_lifetime(this->config, TRUE); - hard = this->config->get_lifetime(this->config, FALSE); - - status = charon->kernel_interface->add_sa(charon->kernel_interface, - src, dst, spi, this->protocol, this->reqid, - inbound ? soft : 0, hard, enc_alg, encr, int_alg, integ, - this->mode, this->ipcomp, cpi, this->encap, update); + lifetime = this->config->get_lifetime(this->config); now = time_monotonic(NULL); - if (soft) + if (lifetime->rekey_time) { - this->rekey_time = now + soft; + this->rekey_time = now + lifetime->rekey_time; } - if (hard) + if (lifetime->life_time) { - this->expire_time = now + hard; + this->expire_time = now + lifetime->life_time; + } + + if (!lifetime->jitter_time && !inbound) + { /* avoid triggering multiple rekey events */ + lifetime->rekey_time = 0; } + + status = charon->kernel_interface->add_sa(charon->kernel_interface, + src, dst, spi, this->protocol, this->reqid, lifetime, + enc_alg, encr, int_alg, integ, this->mode, this->ipcomp, cpi, + this->encap, update); + + free(lifetime); + return status; } |