Diffstat (limited to 'src/charon/config')
-rwxr-xr-xsrc/charon/config/configuration.c69
-rwxr-xr-xsrc/charon/config/configuration.h33
2 files changed, 89 insertions, 13 deletions
diff --git a/src/charon/config/configuration.c b/src/charon/config/configuration.c
index 34c040b56..9e44a0ef9 100755
--- a/src/charon/config/configuration.c
+++ b/src/charon/config/configuration.c
@@ -21,28 +21,50 @@
*/
#include <stdlib.h>
+#include <math.h>
#include "configuration.h"
#include <types.h>
/**
+ * Timeout in milliseconds after that a half open IKE_SA gets deleted.
+ */
+#define HALF_OPEN_IKE_SA_TIMEOUT 30000
+
+/**
* First retransmit timeout in milliseconds.
* Timeout value is increasing in each retransmit round.
*/
-#define RETRANSMIT_TIMEOUT 2500
+#define RETRANSMIT_TIMEOUT 6000
/**
- * Timeout in milliseconds after that a half open IKE_SA gets deleted.
+ * Base which is raised to the power of the retransmission count.
*/
-#define HALF_OPEN_IKE_SA_TIMEOUT 30000
+#define RETRANSMIT_BASE 1.5
/**
* Max retransmit count.
* 0 for infinite. The max time a half open IKE_SA is alive is set by
* RETRANSMIT_TIMEOUT.
*/
-#define MAX_RETRANSMIT_COUNT 3
+#define MAX_RETRANSMIT_COUNT 6
+
+/**
+ * Keepalive interval in milliseconds.
+ */
+#define KEEPALIVE_INTERVAL 2000000
+
+/**
+ * Keepalive timeout in milliseconds.
+ * Not implemented yet.
+ */
+#define KEEPALIVE_TIMEOUT 30000000
+
+/**
+ * DPD interval in milliseconds.
+ */
+#define DPD_INTERVAL 6000000
typedef struct private_configuration_t private_configuration_t;
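Review bot: The three new interval constants are documented as milliseconds but are about a thousand times larger than the neighbouring timeouts: `KEEPALIVE_INTERVAL 2000000` is roughly 33 minutes, `DPD_INTERVAL 6000000` is 100 minutes and `KEEPALIVE_TIMEOUT 30000000` is over 8 hours, next to `HALF_OPEN_IKE_SA_TIMEOUT 30000`. NAT bindings usually expire much sooner than that, so a keepalive sent at this interval would not hold a mapping open, and a dead peer would go unnoticed for a long time. The code that consumes these values is not visible here, so either the unit in the comments is wrong or the values are; if milliseconds is intended, something on the order of `#define KEEPALIVE_INTERVAL 20000` would match the documentation. The getters added further down in this file return these constants unchanged, so the same question applies there.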
@@ -64,19 +86,13 @@ struct private_configuration_t {
*/
static status_t get_retransmit_timeout (private_configuration_t *this, u_int32_t retransmit_count, u_int32_t *timeout)
{
- int new_timeout = RETRANSMIT_TIMEOUT, i;
- if (retransmit_count >= MAX_RETRANSMIT_COUNT && MAX_RETRANSMIT_COUNT != 0)
+ if (retransmit_count > MAX_RETRANSMIT_COUNT && MAX_RETRANSMIT_COUNT != 0)
{
return FAILED;
}
- for (i = 0; i < retransmit_count; i++)
- {
- new_timeout *= 2;
- }
-
- *timeout = new_timeout;
-
+ *timeout = (u_int32_t)(RETRANSMIT_TIMEOUT * pow(RETRANSMIT_BASE, retransmit_count));
+
return SUCCESS;
}
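Review bot: The cast in `*timeout = (u_int32_t)(RETRANSMIT_TIMEOUT * pow(RETRANSMIT_BASE, retransmit_count));` is undefined behaviour once the product no longer fits in 32 bits. The guard above allows this whenever `MAX_RETRANSMIT_COUNT` is set to 0, which its comment documents as "infinite"; with these constants the limit is crossed at about 34 retransmits. With the current limit of 6 the value stays small, so the problem is latent, but the function should not depend on that. Clamp before converting, for example `double t = RETRANSMIT_TIMEOUT * pow(RETRANSMIT_BASE, retransmit_count);` followed by `*timeout = t >= 4294967295.0 ? 4294967295u : (u_int32_t)t;`, or pick a lower, documented ceiling for the retransmit delay.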
@@ -89,6 +105,30 @@ static u_int32_t get_half_open_ike_sa_timeout (private_configuration_t *this)
}
/**
+ * Implementation of configuration_t.get_keepalive_interval.
+ */
+static u_int32_t get_keepalive_interval (private_configuration_t *this)
+{
+ return KEEPALIVE_INTERVAL;
+}
+
+/**
+ * Implementation of configuration_t.get_keepalive_timeout.
+ */
+static u_int32_t get_keepalive_timeout (private_configuration_t *this)
+{
+ return KEEPALIVE_TIMEOUT;
+}
+
+/**
+ * Implementation of configuration_t.get_dpd_interval.
+ */
+static u_int32_t get_dpd_interval (private_configuration_t *this)
+{
+ return DPD_INTERVAL;
+}
+
+/**
* Implementation of configuration_t.destroy.
*/
static void destroy(private_configuration_t *this)
@@ -107,6 +147,9 @@ configuration_t *configuration_create()
this->public.destroy = (void(*)(configuration_t*))destroy;
this->public.get_retransmit_timeout = (status_t (*) (configuration_t *, u_int32_t retransmit_count, u_int32_t *timeout))get_retransmit_timeout;
this->public.get_half_open_ike_sa_timeout = (u_int32_t (*) (configuration_t *)) get_half_open_ike_sa_timeout;
+ this->public.get_keepalive_interval = (u_int32_t (*) (configuration_t *)) get_keepalive_interval;
+ this->public.get_keepalive_timeout = (u_int32_t (*) (configuration_t *)) get_keepalive_timeout;
+ this->public.get_dpd_interval = (u_int32_t (*) (configuration_t *)) get_dpd_interval;
return (&this->public);
}
diff --git a/src/charon/config/configuration.h b/src/charon/config/configuration.h
index 066475a12..f0696328d 100755
--- a/src/charon/config/configuration.h
+++ b/src/charon/config/configuration.h
@@ -70,6 +70,39 @@ struct configuration_t {
u_int32_t (*get_half_open_ike_sa_timeout) (configuration_t *this);
/**
+ * @brief Returns the keepalive interval in ms.
+ *
+ * The keepalive interval defines the idle time after which a
+ * NAT keepalive packet should be sent.
+ *
+ * @param this calling object
+ * @return interval in milliseconds (ms)
+ */
+ u_int32_t (*get_keepalive_interval) (configuration_t *this);
+
+ /**
+ * @brief Returns the keepalive timeout in ms.
+ *
+ * The keepalive timeout defines how long we should keep sending
+ * NAT keepalives after closing an IKE_SA.
+ *
+ * @param this calling object
+ * @return timeout in milliseconds (ms)
+ */
+ u_int32_t (*get_keepalive_timeout) (configuration_t *this);
+
+ /**
+ * @brief Returns the DPD interval in ms.
+ *
+ * The DPD interval defines the time after which a
+ * DPD request packet should be sent.
+ *
+ * @param this calling object
+ * @return interval in milliseconds (ms)
+ */
+ u_int32_t (*get_dpd_interval) (configuration_t *this);
+
+ /**
* @brief Destroys a configuration_t object.
*
* @param this calling object
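Review bot: The doc comment for `get_keepalive_timeout` describes the timeout as working behaviour, while the implementation file marks `KEEPALIVE_TIMEOUT` as "Not implemented yet". If that remark refers to the feature rather than the constant, a caller reading only this header would assume the timeout is honoured. Adding a line such as `* @note The value is returned, but the timeout itself is not implemented yet.` to that comment would keep the two files consistent. The struct continues outside this hunk.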