diff options
| -rw-r--r-- | src/charon/config/child_cfg.h | 14 | ||||
| -rw-r--r-- | src/charon/plugins/stroke/stroke_config.c | 8 | ||||
| -rw-r--r-- | src/starter/starterstroke.c | 4 | ||||
| -rw-r--r-- | src/stroke/stroke_msg.h | 4 |
4 files changed, 27 insertions, 3 deletions
diff --git a/src/charon/config/child_cfg.h b/src/charon/config/child_cfg.h index 7bae8d9a6..ce6a23629 100644 --- a/src/charon/config/child_cfg.h +++ b/src/charon/config/child_cfg.h @@ -93,6 +93,16 @@ struct lifetime_cfg_t { }; /** + * Helper macro to easily set all three values of a specified limit (time, + * bytes, packets). + */ +#define LIFETIME_CFG_SET(l, limit, life, rekey, jitter) do { \ + (l)->life_##limit = (life); \ + (l)->rekey_##limit = (rekey); \ + (l)->jitter_##limit = (jitter); \ +} while(0) + +/** * Create a new lifetime_cfg_t object. */ static inline lifetime_cfg_t* lifetime_cfg_create() { @@ -108,9 +118,7 @@ static inline lifetime_cfg_t* lifetime_cfg_create_time(u_int64_t life, u_int64_t rekey, u_int64_t jitter) { lifetime_cfg_t *this = lifetime_cfg_create(); - this->life_time = life; - this->rekey_time = rekey; - this->jitter_time = jitter; + LIFETIME_CFG_SET(this, time, life, rekey, jitter); return this; } diff --git a/src/charon/plugins/stroke/stroke_config.c b/src/charon/plugins/stroke/stroke_config.c index 5a4dfe264..c76fd1622 100644 --- a/src/charon/plugins/stroke/stroke_config.c +++ b/src/charon/plugins/stroke/stroke_config.c @@ -772,6 +772,14 @@ static child_cfg_t *build_child_cfg(private_stroke_config_t *this, msg->add_conn.rekey.ipsec_lifetime, msg->add_conn.rekey.ipsec_lifetime - msg->add_conn.rekey.margin, msg->add_conn.rekey.margin * msg->add_conn.rekey.fuzz / 100); + LIFETIME_CFG_SET(lifetime, bytes, + msg->add_conn.rekey.life_bytes, + msg->add_conn.rekey.life_bytes - msg->add_conn.rekey.margin_bytes, + msg->add_conn.rekey.margin_bytes * msg->add_conn.rekey.fuzz / 100); + LIFETIME_CFG_SET(lifetime, packets, + msg->add_conn.rekey.life_packets, + msg->add_conn.rekey.life_packets - msg->add_conn.rekey.margin_packets, + msg->add_conn.rekey.margin_packets * msg->add_conn.rekey.fuzz / 100); child_cfg = child_cfg_create( msg->add_conn.name, lifetime, diff --git a/src/starter/starterstroke.c b/src/starter/starterstroke.c index 578c52ee1..96caff8cb 100644 --- a/src/starter/starterstroke.c +++ b/src/starter/starterstroke.c @@ -279,6 +279,10 @@ int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn) msg.add_conn.rekey.ipsec_lifetime = conn->sa_ipsec_life_seconds; msg.add_conn.rekey.ike_lifetime = conn->sa_ike_life_seconds; msg.add_conn.rekey.margin = conn->sa_rekey_margin; + msg.add_conn.rekey.life_bytes = conn->sa_ipsec_life_bytes; + msg.add_conn.rekey.margin_bytes = conn->sa_ipsec_margin_bytes; + msg.add_conn.rekey.life_packets = conn->sa_ipsec_life_packets; + msg.add_conn.rekey.margin_packets = conn->sa_ipsec_margin_packets; msg.add_conn.rekey.tries = conn->sa_keying_tries; msg.add_conn.rekey.fuzz = conn->sa_rekey_fuzz; } diff --git a/src/stroke/stroke_msg.h b/src/stroke/stroke_msg.h index abf285a86..9c3041c38 100644 --- a/src/stroke/stroke_msg.h +++ b/src/stroke/stroke_msg.h @@ -237,6 +237,10 @@ struct stroke_msg_t { time_t ipsec_lifetime; time_t ike_lifetime; time_t margin; + u_int64_t life_bytes; + u_int64_t margin_bytes; + u_int64_t life_packets; + u_int64_t margin_packets; unsigned long tries; unsigned long fuzz; } rekey; |