diff options
| -rw-r--r-- | src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c | 9 | ||||
| -rw-r--r-- | src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c | 6 | ||||
| -rw-r--r-- | src/charon/processing/jobs/migrate_job.c | 23 | ||||
| -rw-r--r-- | src/charon/processing/jobs/migrate_job.h | 11 |
4 files changed, 33 insertions, 16 deletions
diff --git a/src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c index cdf9c1e99..5dffe2bfb 100644 --- a/src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c +++ b/src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c @@ -586,7 +586,7 @@ static void process_migrate(private_kernel_netlink_ipsec_t *this, struct nlmsghd local = xfrm2host(kmaddress->family, &kmaddress->local, 0); remote = xfrm2host(kmaddress->family, &kmaddress->remote, 0); DBG2(DBG_KNL, " %H...%H", local, remote); - DESTROY_IF(remote); } + } else if (rta->rta_type == XFRMA_MIGRATE) { struct xfrm_user_migrate *migrate; @@ -612,10 +612,10 @@ static void process_migrate(private_kernel_netlink_ipsec_t *this, struct nlmsghd if (src_ts && dst_ts) { - DBG1(DBG_KNL, "creating migrate job for policy %R === %R %N " - "with reqid {%u}, kmaddress = %H", + DBG1(DBG_KNL, "creating migrate job for policy %R === %R %N with reqid {%u}", src_ts, dst_ts, policy_dir_names, dir, reqid, local); - job = (job_t*)migrate_job_create(reqid, src_ts, dst_ts, dir, local); + job = (job_t*)migrate_job_create(reqid, src_ts, dst_ts, dir, + local, remote); charon->processor->queue_job(charon->processor, job); } else @@ -623,6 +623,7 @@ static void process_migrate(private_kernel_netlink_ipsec_t *this, struct nlmsghd DESTROY_IF(src_ts); DESTROY_IF(dst_ts); DESTROY_IF(local); + DESTROY_IF(remote); } } diff --git a/src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c index f7c695447..4d2a97bf5 100644 --- a/src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c +++ b/src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c @@ -858,10 +858,10 @@ static void process_migrate(private_kernel_pfkey_ipsec_t *this, struct sadb_msg* if (src_ts && dst_ts) { - DBG1(DBG_KNL, "creating migrate job for policy %R === %R %N " - "with reqid {%u}, kmaddress = %H", + DBG1(DBG_KNL, "creating migrate job for policy %R === %R %N with reqid {%u}", src_ts, dst_ts, policy_dir_names, dir, reqid, local); - job = (job_t*)migrate_job_create(reqid, src_ts, dst_ts, dir, local); + job = (job_t*)migrate_job_create(reqid, src_ts, dst_ts, dir, + local, NULL); charon->processor->queue_job(charon->processor, job); } else diff --git a/src/charon/processing/jobs/migrate_job.c b/src/charon/processing/jobs/migrate_job.c index f7ec57685..100158a67 100644 --- a/src/charon/processing/jobs/migrate_job.c +++ b/src/charon/processing/jobs/migrate_job.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2006 Martin Willi + * Copyright (C) 2008 Andreas Steffen * Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: acquire_job.c 4535 2008-10-31 01:43:23Z andreas $ + * $Id$ */ #include "migrate_job.h" @@ -49,9 +49,14 @@ struct private_migrate_job_t { traffic_selector_t *dst_ts; /** - * local host address to be used + * local host address to be used for IKE */ host_t *local; + + /** + * remote host address to be used for IKE + */ + host_t *remote; }; /** @@ -62,6 +67,7 @@ static void destroy(private_migrate_job_t *this) DESTROY_IF(this->src_ts); DESTROY_IF(this->dst_ts); DESTROY_IF(this->local); + DESTROY_IF(this->remote); free(this); } @@ -140,6 +146,10 @@ static void execute(private_migrate_job_t *this) { ike_sa->set_my_host(ike_sa, this->local->clone(this->local)); } + if (this->remote) + { + ike_sa->set_other_host(ike_sa, this->remote->clone(this->remote)); + } /* add a CHILD_SA for 'found_cfg' with a policy that has already been * installed in the kernel */ @@ -151,6 +161,10 @@ static void execute(private_migrate_job_t *this) { ike_sa->set_my_host(ike_sa, this->local); } + if (this->remote) + { + ike_sa->set_other_host(ike_sa, this->remote->clone(this->remote)); + } } charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa); destroy(this); @@ -163,7 +177,7 @@ migrate_job_t *migrate_job_create(u_int32_t reqid, traffic_selector_t *src_ts, traffic_selector_t *dst_ts, policy_dir_t dir, - host_t *local) + host_t *local, host_t *remote) { private_migrate_job_t *this = malloc_thing(private_migrate_job_t); @@ -176,6 +190,7 @@ migrate_job_t *migrate_job_create(u_int32_t reqid, this->src_ts = (dir == POLICY_OUT) ? src_ts : dst_ts; this->dst_ts = (dir == POLICY_OUT) ? dst_ts : src_ts; this->local = local; + this->remote = remote; return &this->public; } diff --git a/src/charon/processing/jobs/migrate_job.h b/src/charon/processing/jobs/migrate_job.h index d23236bc4..ecd2d6fe5 100644 --- a/src/charon/processing/jobs/migrate_job.h +++ b/src/charon/processing/jobs/migrate_job.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2006 Martin Willi + * Copyright (C) 2008 Andreas Steffen * Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: acquire_job.h 4535 2008-10-31 01:43:23Z andreas $ + * $Id$ */ /** @@ -49,15 +49,16 @@ struct migrate_job_t { * We use the reqid or the traffic selectors to find a matching CHILD_SA. * * @param reqid reqid of the CHILD_SA to acquire - * @param src_ts source traffic selector - * @param dst_ts destination traffic selector + * @param src_ts source traffic selector to be used in the policy + * @param dst_ts destination traffic selector to be used in the policy * @param local local host address to be used in the IKE_SA + * @param remote remote host address to be used in the IKE_SA * @return migrate_job_t object */ migrate_job_t *migrate_job_create(u_int32_t reqid, traffic_selector_t *src_ts, traffic_selector_t *dst_ts, policy_dir_t dir, - host_t *local); + host_t *local, host_t *remote); #endif /* MIGRATE_JOB_H_ @} */ |