/**
 * @brief Implementation of the ike_reauth task.
 */

/*
 * Copyright (C) 2006-2007 Martin Willi
 * Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 * for more details.
 */
#include "ike_reauth.h"

#include <stdlib.h>

#include <sa/tasks/ike_delete.h>
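typedef struct private_ike_reauth_t private_ike_reauth_t;

/**
 * Private members of a ike_reauth_t task.
 *
 * NOTE(review): the listing drops the `public` and `ike_sa` member lines.
 * They are written out here from how the rest of the file uses them:
 * ike_reauth_create() returns `&this->public` as an ike_reauth_t*, and
 * `this->ike_sa` is assigned from an ike_sa_t*. Confirm against the
 * original file.
 */
struct private_ike_reauth_t
{
	/**
	 * Public methods and task_t interface.
	 *
	 * Must stay the first member: the constructor installs functions that
	 * take a private_ike_reauth_t* behind task_t* function pointers and
	 * hands out &this->public, so the public and private pointers have to
	 * share one address. Presumably `task` is in turn the first member of
	 * ike_reauth_t -- confirm in ike_reauth.h.
	 */
	ike_reauth_t public;

	/**
	 * IKE_SA this task is assigned to (replaced by migrate()).
	 */
	ike_sa_t *ike_sa;

	/**
	 * reused ike_delete task
	 */
	ike_delete_t *ike_delete;
};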
/**
 * Implementation of task_t.build for initiator
 *
 * Reauthentication starts by deleting the old IKE_SA, so the outgoing
 * message is built entirely by the wrapped ike_delete task and its status
 * is returned unchanged.
 */
static status_t build_i(private_ike_reauth_t *this, message_t *message)
{
	task_t *delete_task = &this->ike_delete->task;

	return delete_task->build(delete_task, message);
}
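/**
 * Implementation of task_t.process for initiator
 *
 * Lets the wrapped ike_delete task consume the delete response, then sets up
 * a replacement IKE_SA that inherits the peer config, the remote host and
 * (if present) the virtual IP of the old one. Routed CHILD_SAs are moved
 * over directly, all others are initiated again on the new IKE_SA.
 *
 * NOTE(review): the listing drops the local declarations, the `if (host)`
 * guard, the case labels and the `return FAILED;` statements (the gaps in
 * the line numbering). They are written out here so the control flow is
 * well-formed; confirm them against the original file.
 *
 * @param this		private ike_reauth task
 * @param message	received response to the delete request
 * @return			always FAILED, which makes the caller delete the
 *					obsolete IKE_SA
 */
static status_t process_i(private_ike_reauth_t *this, message_t *message)
{
	ike_sa_t *new;
	host_t *host;
	iterator_t *iterator;
	child_sa_t *child_sa;

	/* process delete response first; its status is deliberately not
	 * inspected, as this function returns FAILED on every path anyway */
	this->ike_delete->task.process(&this->ike_delete->task, message);

	/* reestablish only if we have children */
	iterator = this->ike_sa->create_child_sa_iterator(this->ike_sa);
	if (iterator->get_count(iterator) == 0)
	{
		DBG1(DBG_IKE, "unable to reestablish IKE_SA, no CHILD_SA to recreate");
		iterator->destroy(iterator);
		/* without this return the destroyed iterator would be used below */
		return FAILED;
	}

	new = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager, TRUE);

	/* the new IKE_SA authenticates against the same peer configuration */
	new->set_peer_cfg(new, this->ike_sa->get_peer_cfg(this->ike_sa));
	/* NOTE(review): assumes get_other_host() never returns NULL for an
	 * IKE_SA that reached this point -- confirm, host is dereferenced */
	host = this->ike_sa->get_other_host(this->ike_sa);
	new->set_other_host(new, host->clone(host));
	/* if we already have a virtual IP, we reuse it */
	host = this->ike_sa->get_virtual_ip(this->ike_sa, TRUE);
	if (host)
	{
		/* NOTE(review): passed without clone(), unlike the remote host;
		 * presumably set_virtual_ip() copies it -- confirm ownership */
		new->set_virtual_ip(new, TRUE, host);
	}

	while (iterator->iterate(iterator, (void**)&child_sa))
	{
		switch (child_sa->get_state(child_sa))
		{
			case CHILD_ROUTED:
			{
				/* move routed child directly */
				iterator->remove(iterator);
				new->add_child_sa(new, child_sa);
				break;
			}
			default:
			{
				/* initiate/queue all child SAs */
				child_cfg_t *child_cfg = child_sa->get_config(child_sa);

				/* take our own reference before handing the config on;
				 * presumably initiate() owns it afterwards -- confirm */
				child_cfg->get_ref(child_cfg);
				if (new->initiate(new, child_cfg) == DESTROY_ME)
				{
					/* release everything acquired so far before bailing */
					iterator->destroy(iterator);
					charon->ike_sa_manager->checkin_and_destroy(
										charon->ike_sa_manager, new);
					DBG1(DBG_IKE, "reestablishing IKE_SA failed");
					return FAILED;
				}
				break;
			}
		}
	}
	iterator->destroy(iterator);
	charon->ike_sa_manager->checkin(charon->ike_sa_manager, new);

	/* we always return failed to delete the obsolete IKE_SA */
	return FAILED;
}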
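/**
 * Implementation of task_t.get_type
 *
 * NOTE(review): the listing shows only the signature. The body is written
 * out as the reauth task's own type constant -- confirm against the
 * original file.
 */
static task_type_t get_type(private_ike_reauth_t *this)
{
	return IKE_REAUTH;
}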
/**
 * Implementation of task_t.migrate
 *
 * Rebinds the task to another IKE_SA. The wrapped ike_delete task is
 * migrated first, then our own reference is replaced, so both refer to the
 * same IKE_SA afterwards.
 */
static void migrate(private_ike_reauth_t *this, ike_sa_t *ike_sa)
{
	task_t *delete_task = &this->ike_delete->task;

	delete_task->migrate(delete_task, ike_sa);
	this->ike_sa = ike_sa;
}
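/**
 * Implementation of task_t.destroy
 *
 * Destroys the wrapped ike_delete task and then releases the task object
 * itself. The IKE_SA is only referenced here and is not touched.
 *
 * NOTE(review): the listing drops the line that releases `this`; without it
 * every reauthentication would leak the object that ike_reauth_create()
 * allocates with malloc_thing(). Confirm against the original file.
 */
static void destroy(private_ike_reauth_t *this)
{
	this->ike_delete->task.destroy(&this->ike_delete->task);
	free(this);
}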
/*
 * Described in header.
 *
 * Allocates the task, installs the task_t methods and creates the wrapped
 * ike_delete task for the same IKE_SA.
 *
 * The methods are defined with a private_ike_reauth_t* first parameter and
 * installed through casts to the task_t* signatures, which is only sound
 * while the public interface sits at offset 0 of the private struct.
 *
 * NOTE(review): the result of malloc_thing() is used without a check;
 * presumably allocation failure is handled elsewhere or treated as fatal --
 * confirm.
 */
ike_reauth_t *ike_reauth_create(ike_sa_t *ike_sa)
{
	private_ike_reauth_t *this = malloc_thing(private_ike_reauth_t);
	task_t *task = &this->public.task;

	task->get_type = (task_type_t(*)(task_t*))get_type;
	task->migrate = (void(*)(task_t*,ike_sa_t*))migrate;
	task->destroy = (void(*)(task_t*))destroy;
	/* only the initiator variants exist in this file */
	task->build = (status_t(*)(task_t*,message_t*))build_i;
	task->process = (status_t(*)(task_t*,message_t*))process_i;

	this->ike_sa = ike_sa;
	/* second argument presumably selects the initiator role -- confirm
	 * against ike_delete.h */
	this->ike_delete = ike_delete_create(ike_sa, TRUE);

	return &this->public;
}