Do not query CHILD_SA during delete if they already expired
[strongswan.git] / src / libcharon / kernel / kernel_handler.c
1 /*
2 * Copyright (C) 2010 Tobias Brunner
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "kernel_handler.h"
17
18 #include <hydra.h>
19 #include <daemon.h>
20 #include <processing/jobs/acquire_job.h>
21 #include <processing/jobs/delete_child_sa_job.h>
22 #include <processing/jobs/migrate_job.h>
23 #include <processing/jobs/rekey_child_sa_job.h>
24 #include <processing/jobs/roam_job.h>
25 #include <processing/jobs/update_sa_job.h>
26
27 typedef struct private_kernel_handler_t private_kernel_handler_t;
28
29 /**
30 * Private data of a kernel_handler_t object.
31 */
32 struct private_kernel_handler_t {
33
34 /**
35 * Public part of kernel_handler_t object.
36 */
37 kernel_handler_t public;
38
39 };
40
41 /**
42 * convert an IP protocol identifier to the IKEv2 specific protocol identifier.
43 */
44 static inline protocol_id_t proto_ip2ike(u_int8_t protocol)
45 {
46 switch (protocol)
47 {
48 case IPPROTO_ESP:
49 return PROTO_ESP;
50 case IPPROTO_AH:
51 return PROTO_AH;
52 default:
53 return protocol;
54 }
55 }
56
57 METHOD(kernel_listener_t, acquire, bool,
58 private_kernel_handler_t *this, u_int32_t reqid,
59 traffic_selector_t *src_ts, traffic_selector_t *dst_ts)
60 {
61 job_t *job;
62 if (src_ts && dst_ts)
63 {
64 DBG1(DBG_KNL, "creating acquire job for policy %R === %R "
65 "with reqid {%u}", src_ts, dst_ts, reqid);
66 }
67 else
68 {
69 DBG1(DBG_KNL, "creating acquire job for policy with reqid {%u}", reqid);
70 }
71 job = (job_t*)acquire_job_create(reqid, src_ts, dst_ts);
72 lib->processor->queue_job(lib->processor, job);
73 return TRUE;
74 }
75
76 METHOD(kernel_listener_t, expire, bool,
77 private_kernel_handler_t *this, u_int32_t reqid, u_int8_t protocol,
78 u_int32_t spi, bool hard)
79 {
80 job_t *job;
81 protocol_id_t proto = proto_ip2ike(protocol);
82 DBG1(DBG_KNL, "creating %s job for %N CHILD_SA with SPI %.8x "
83 "and reqid {%u}", hard ? "delete" : "rekey",
84 protocol_id_names, proto, ntohl(spi), reqid);
85 if (hard)
86 {
87 job = (job_t*)delete_child_sa_job_create(reqid, proto, spi, hard);
88 }
89 else
90 {
91 job = (job_t*)rekey_child_sa_job_create(reqid, proto, spi);
92 }
93 lib->processor->queue_job(lib->processor, job);
94 return TRUE;
95 }
96
97 METHOD(kernel_listener_t, mapping, bool,
98 private_kernel_handler_t *this, u_int32_t reqid, u_int32_t spi,
99 host_t *remote)
100 {
101 job_t *job;
102 DBG1(DBG_KNL, "NAT mappings of ESP CHILD_SA with SPI %.8x and "
103 "reqid {%u} changed, queuing update job", ntohl(spi), reqid);
104 job = (job_t*)update_sa_job_create(reqid, remote);
105 lib->processor->queue_job(lib->processor, job);
106 return TRUE;
107 }
108
109 METHOD(kernel_listener_t, migrate, bool,
110 private_kernel_handler_t *this, u_int32_t reqid,
111 traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
112 policy_dir_t direction, host_t *local, host_t *remote)
113 {
114 job_t *job;
115 DBG1(DBG_KNL, "creating migrate job for policy %R === %R %N with "
116 "reqid {%u}", src_ts, dst_ts, policy_dir_names, direction,
117 reqid, local);
118 job = (job_t*)migrate_job_create(reqid, src_ts, dst_ts, direction, local,
119 remote);
120 lib->processor->queue_job(lib->processor, job);
121 return TRUE;
122 }
123
124 METHOD(kernel_listener_t, roam, bool,
125 private_kernel_handler_t *this, bool address)
126 {
127 job_t *job;
128 DBG2(DBG_KNL, "creating roam job %s", address ? "due to address/link change"
129 : "due to route change");
130 job = (job_t*)roam_job_create(address);
131 lib->processor->queue_job(lib->processor, job);
132 return TRUE;
133 }
134
135 METHOD(kernel_handler_t, destroy, void,
136 private_kernel_handler_t *this)
137 {
138 hydra->kernel_interface->remove_listener(hydra->kernel_interface,
139 &this->public.listener);
140 free(this);
141 }
142
143 kernel_handler_t *kernel_handler_create()
144 {
145 private_kernel_handler_t *this;
146
147 INIT(this,
148 .public = {
149 .listener = {
150 .acquire = _acquire,
151 .expire = _expire,
152 .mapping = _mapping,
153 .migrate = _migrate,
154 .roam = _roam,
155 },
156 .destroy = _destroy,
157 },
158 );
159
160 hydra->kernel_interface->add_listener(hydra->kernel_interface,
161 &this->public.listener);
162
163 return &this->public;
164 }
165