/*
 * Copyright (C) 2010 Martin Willi
 * Copyright (C) 2010 revosec AG
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 * for more details.
 */
20 #include <processing/jobs/callback_job.h>
21 #include <processing/jobs/rekey_ike_sa_job.h>
22 #include <processing/jobs/rekey_child_sa_job.h>
23 #include <processing/jobs/send_dpd_job.h>
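typedef struct private_actions_t private_actions_t;

/**
 * Private data of an actions_t object.
 *
 * NOTE(review): the listing shows only the member's comment; the member
 * itself is restored from actions_create(), which returns &this->public as
 * an actions_t pointer.
 */
struct private_actions_t {

	/**
	 * Public actions_t interface.
	 */
	actions_t public;
};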
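/**
 * Initiate the CHILD_SA named by config, setting up its IKE_SA.
 *
 * Looks up a peer config called config, searches that peer config for a
 * child config with the same name (case-sensitive streq) and hands both to
 * the controller.
 *
 * NOTE(review): the listing this was recovered from omits several source
 * lines. The peer_cfg declaration, both NULL checks, the assignment of
 * child_cfg, the loop break and the two trailing controller arguments are
 * reconstructed from how the visible lines use them; compare with the
 * upstream file before relying on them.
 *
 * @param config	name shared by the peer config and the child config
 * @return			JOB_REQUEUE_NONE on every path
 */
static job_requeue_t initiate(char *config)
{
	peer_cfg_t *peer_cfg;
	child_cfg_t *child_cfg = NULL, *current;
	enumerator_t *enumerator;

	peer_cfg = charon->backends->get_peer_cfg_by_name(charon->backends, config);
	if (!peer_cfg)
	{
		DBG1(DBG_CFG, "initiating '%s' failed, config not found", config);
		return JOB_REQUEUE_NONE;
	}
	enumerator = peer_cfg->create_child_cfg_enumerator(peer_cfg);
	while (enumerator->enumerate(enumerator, &current))
	{
		if (streq(current->get_name(current), config))
		{
			/* take our own reference, the enumerator only lends the entry */
			child_cfg = current;
			child_cfg->get_ref(child_cfg);
			break;
		}
	}
	enumerator->destroy(enumerator);
	if (child_cfg)
	{
		DBG1(DBG_CFG, "initiating IKE_SA for CHILD_SA config '%s'", config);
		charon->controller->initiate(charon->controller, peer_cfg, child_cfg,
									 NULL, NULL);
	}
	else
	{
		/* NOTE(review): peer_cfg is not released on this path. If
		 * get_peer_cfg_by_name() hands out a counted reference, as the
		 * explicit get_ref() on child_cfg suggests, it leaks here; confirm
		 * against the backend manager's contract. */
		DBG1(DBG_CFG, "initiating '%s' failed, CHILD_SA config not found",
			 config);
	}

	return JOB_REQUEUE_NONE;
}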
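/**
 * Rekey the IKE_SA whose name matches config.
 *
 * Walks the controller's IKE_SA enumerator, creates a rekey job from the ID
 * of a matching SA and queues it on the processor. IKE_SA names are compared
 * with strcaseeq, i.e. case-insensitively, unlike the CHILD_SA lookups in
 * this file, which use streq.
 *
 * NOTE(review): the source listing omits some lines of this function; the
 * declarations of job and ike_sa, the loop break and the if/else around the
 * two log calls are reconstructed from the visible statements.
 *
 * @param config	name of the IKE_SA to rekey
 * @return			JOB_REQUEUE_NONE on every path
 */
static job_requeue_t rekey_ike(char *config)
{
	enumerator_t *enumerator;
	job_t *job = NULL;
	ike_sa_t *ike_sa;

	enumerator = charon->controller->create_ike_sa_enumerator(
													charon->controller, TRUE);
	while (enumerator->enumerate(enumerator, &ike_sa))
	{
		if (strcaseeq(config, ike_sa->get_name(ike_sa)))
		{
			/* only the ID is kept, so the SA itself is not touched once the
			 * enumerator is gone */
			job = (job_t*)rekey_ike_sa_job_create(ike_sa->get_id(ike_sa), FALSE);
			break;
		}
	}
	enumerator->destroy(enumerator);

	if (job)
	{
		DBG1(DBG_CFG, "starting rekey of IKE_SA '%s'", config);
		lib->processor->queue_job(lib->processor, job);
	}
	else
	{
		DBG1(DBG_CFG, "rekeying '%s' failed, IKE_SA not found", config);
	}
	return JOB_REQUEUE_NONE;
}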
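/**
 * Rekey the CHILD_SA whose name matches config.
 *
 * Searches the CHILD_SAs of every IKE_SA for one named config
 * (case-sensitive streq), records its reqid, protocol and SPI, and queues a
 * CHILD_SA rekey job built from those three values.
 *
 * NOTE(review): the source listing omits some lines of this function; the
 * ike_sa declaration, the inner loop break and the if/else around the two
 * log calls are reconstructed. In particular the "found" test on reqid is
 * inferred from its zero initialiser; confirm against the upstream file.
 *
 * @param config	name of the CHILD_SA to rekey
 * @return			JOB_REQUEUE_NONE on every path
 */
static job_requeue_t rekey_child(char *config)
{
	enumerator_t *enumerator, *children;
	ike_sa_t *ike_sa;
	child_sa_t *child_sa;
	u_int32_t reqid = 0, spi = 0;
	protocol_id_t proto = PROTO_ESP;

	enumerator = charon->controller->create_ike_sa_enumerator(
													charon->controller, TRUE);
	while (enumerator->enumerate(enumerator, &ike_sa))
	{
		children = ike_sa->create_child_sa_enumerator(ike_sa);
		while (children->enumerate(children, (void**)&child_sa))
		{
			if (streq(config, child_sa->get_name(child_sa)))
			{
				reqid = child_sa->get_reqid(child_sa);
				proto = child_sa->get_protocol(child_sa);
				/* TRUE presumably selects the inbound SPI; confirm against
				 * child_sa_t */
				spi = child_sa->get_spi(child_sa, TRUE);
				break;
			}
		}
		children->destroy(children);
	}
	enumerator->destroy(enumerator);
	if (reqid)
	{
		DBG1(DBG_CFG, "starting rekey of CHILD_SA '%s'", config);
		lib->processor->queue_job(lib->processor,
						(job_t*)rekey_child_sa_job_create(reqid, proto, spi));
	}
	else
	{
		DBG1(DBG_CFG, "rekeying '%s' failed, CHILD_SA not found", config);
	}
	return JOB_REQUEUE_NONE;
}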
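/**
 * Do a liveness check
 *
 * Finds the IKE_SA named config (case-insensitive strcaseeq), creates a DPD
 * job from its ID and queues it on the processor.
 *
 * NOTE(review): the source listing omits some lines of this function; the
 * declarations of job and ike_sa, the loop break and the if/else around the
 * two log calls are reconstructed from the visible statements.
 *
 * @param config	name of the IKE_SA to probe
 * @return			JOB_REQUEUE_NONE on every path
 */
static job_requeue_t liveness(char *config)
{
	enumerator_t *enumerator;
	job_t *job = NULL;
	ike_sa_t *ike_sa;

	enumerator = charon->controller->create_ike_sa_enumerator(
													charon->controller, TRUE);
	while (enumerator->enumerate(enumerator, &ike_sa))
	{
		if (strcaseeq(config, ike_sa->get_name(ike_sa)))
		{
			job = (job_t*)send_dpd_job_create(ike_sa->get_id(ike_sa));
			break;
		}
	}
	enumerator->destroy(enumerator);

	if (job)
	{
		DBG1(DBG_CFG, "starting liveness check of IKE_SA '%s'", config);
		lib->processor->queue_job(lib->processor, job);
	}
	else
	{
		DBG1(DBG_CFG, "liveness check for '%s' failed, IKE_SA not found", config);
	}
	return JOB_REQUEUE_NONE;
}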
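/**
 * Close an IKE_SA with all CHILD_SAs
 *
 * Finds the IKE_SA named config (case-insensitive strcaseeq), remembers its
 * unique ID and asks the controller to terminate it once the enumerator has
 * been released.
 *
 * NOTE(review): the source listing omits some lines of this function; the
 * declarations of ike_sa and id (including its type and zero initialiser),
 * the loop break and the if/else that treats id == 0 as "not found" are
 * reconstructed from the visible statements.
 *
 * @param config	name of the IKE_SA to close
 * @return			JOB_REQUEUE_NONE on every path
 */
static job_requeue_t close_ike(char *config)
{
	enumerator_t *enumerator;
	ike_sa_t *ike_sa;
	u_int32_t id = 0;

	enumerator = charon->controller->create_ike_sa_enumerator(
													charon->controller, TRUE);
	while (enumerator->enumerate(enumerator, &ike_sa))
	{
		if (strcaseeq(config, ike_sa->get_name(ike_sa)))
		{
			id = ike_sa->get_unique_id(ike_sa);
			break;
		}
	}
	enumerator->destroy(enumerator);
	if (id)
	{
		DBG1(DBG_CFG, "closing IKE_SA '%s'", config);
		charon->controller->terminate_ike(charon->controller, id, NULL, NULL);
	}
	else
	{
		DBG1(DBG_CFG, "unable to close IKE_SA '%s', not found", config);
	}
	return JOB_REQUEUE_NONE;
}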
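/**
 * Close the CHILD_SA whose name matches config.
 *
 * Searches the CHILD_SAs of every IKE_SA for one named config
 * (case-sensitive streq), remembers its reqid and asks the controller to
 * terminate the CHILD_SA with that reqid.
 *
 * NOTE(review): the source listing omits some lines of this function; the
 * declarations of ike_sa and id (including its type and zero initialiser),
 * the inner loop break and the if/else that treats id == 0 as "not found"
 * are reconstructed from the visible statements.
 *
 * @param config	name of the CHILD_SA to close
 * @return			JOB_REQUEUE_NONE on every path
 */
static job_requeue_t close_child(char *config)
{
	enumerator_t *enumerator, *children;
	ike_sa_t *ike_sa;
	child_sa_t *child_sa;
	u_int32_t id = 0;

	enumerator = charon->controller->create_ike_sa_enumerator(
													charon->controller, TRUE);
	while (enumerator->enumerate(enumerator, &ike_sa))
	{
		children = ike_sa->create_child_sa_enumerator(ike_sa);
		while (children->enumerate(children, (void**)&child_sa))
		{
			if (streq(config, child_sa->get_name(child_sa)))
			{
				id = child_sa->get_reqid(child_sa);
				break;
			}
		}
		children->destroy(children);
	}
	enumerator->destroy(enumerator);
	if (id)
	{
		DBG1(DBG_CFG, "closing CHILD_SA '%s'", config);
		charon->controller->terminate_child(charon->controller, id, NULL, NULL);
	}
	else
	{
		DBG1(DBG_CFG, "unable to close CHILD_SA '%s', not found", config);
	}
	return JOB_REQUEUE_NONE;
}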
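/**
 * Load a single action
 *
 * Maps the settings section name action to one of the action callbacks and
 * schedules it as a callback job, with the section's "config" string as the
 * callback argument and its "delay" value (default 0) as the schedule delay.
 *
 * The name is matched as a case-insensitive prefix: only the first
 * strlen(actions[i].name) characters are compared, so any section whose name
 * merely starts with an action keyword is dispatched to that action.
 *
 * NOTE(review): the source listing omits some lines of this function; the
 * table declaration, the found flag, the local declarations, the NULL
 * default passed to get_str(), the check for a missing config and the delay
 * argument to schedule_job() are reconstructed from the visible statements.
 *
 * @param settings	settings object holding the "actions" section
 * @param action	name of the subsection describing the action
 */
static void load_action(settings_t *settings, char *action)
{
	static struct {
		char *name;
		callback_job_cb_t cb;
	} actions[] = {
		{"initiate",		(void*)initiate},
		{"rekey_ike",		(void*)rekey_ike},
		{"rekey_child",		(void*)rekey_child},
		{"liveness",		(void*)liveness},
		{"close_ike",		(void*)close_ike},
		{"close_child",		(void*)close_child},
	};
	bool found = FALSE;
	int i;

	for (i = 0; i < countof(actions); i++)
	{
		if (strncaseeq(actions[i].name, action, strlen(actions[i].name)))
		{
			int delay;
			char *config;

			found = TRUE;
			/* delay unit is whatever schedule_job() expects, presumably
			 * seconds; confirm against the scheduler */
			delay = settings->get_int(settings, "actions.%s.delay", 0, action);
			config = settings->get_str(settings, "actions.%s.config",
									   NULL, action);
			if (!config)
			{
				DBG1(DBG_CFG, "no config defined for action '%s'", action);
				break;
			}
			/* NOTE(review): config is passed to the job without a copy or a
			 * cleanup function, so the string returned by get_str() has to
			 * stay valid until the delayed job has run; confirm that the
			 * settings object outlives the scheduled jobs. */
			lib->scheduler->schedule_job(lib->scheduler,
				(job_t*)callback_job_create(actions[i].cb, config, NULL, NULL),
				delay);
		}
	}
	if (!found)
	{
		DBG1(DBG_CFG, "unknown action '%s', skipped", action);
	}
}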
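/**
 * Load configured actions
 *
 * Enumerates the subsections of the "actions" settings section and passes
 * each subsection name to load_action().
 *
 * NOTE(review): the declaration of action is not visible in the source
 * listing; its type is taken from load_action()'s second parameter.
 *
 * @param settings	settings object to read the "actions" section from
 */
static void load_actions(settings_t *settings)
{
	enumerator_t *enumerator;
	char *action;

	enumerator = settings->create_section_enumerator(settings, "actions");
	while (enumerator->enumerate(enumerator, &action))
	{
		load_action(settings, action);
	}
	enumerator->destroy(enumerator);
}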
/*
 * destroy method of the actions_t interface, declared through the METHOD()
 * macro with a void return and the private object as its only argument.
 *
 * NOTE(review): only the macro header survives in this listing; the method
 * body that followed it is missing, so what it releases cannot be confirmed
 * from here.
 */
320 METHOD(actions_t
, destroy
, void,
321 private_actions_t
*this)
329 actions_t
*actions_create()
331 private_actions_t
*this;
339 load_actions(conftest
->test
);
341 return &this->public;