src/libcharon/processing/jobs/dpd_timeout_job.c

   1 /*
   2  * Copyright (C) 2012 Martin Willi
   3  * Copyright (C) 2012 revosec AG
   4  *
   5  * This program is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License as published by the
   7  * Free Software Foundation; either version 2 of the License, or (at your
   8  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
   9  *
  10  * This program is distributed in the hope that it will be useful, but
  11  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  12  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  13  * for more details.
  14  */
  15
  16 #include <stdlib.h>
  17
  18 #include "dpd_timeout_job.h"
  19
  20 #include <sa/ike_sa.h>
  21 #include <daemon.h>
  22
  23
  24 typedef struct private_dpd_timeout_job_t private_dpd_timeout_job_t;
  25
  26 /**
  27  * Private data
  28  */
  29 struct private_dpd_timeout_job_t {
  30
  31         /**
  32          * public dpd_timeout_job_t interface
  33          */
  34         dpd_timeout_job_t public;
  35
  36         /**
  37          * IKE_SA identifier
  38          */
  39         ike_sa_id_t *ike_sa_id;
  40
  41         /**
  42          * Timestamp of first DPD check
  43          */
  44         u_int32_t check;
  45 };
  46
  47 METHOD(job_t, destroy, void,
  48         private_dpd_timeout_job_t *this)
  49 {
  50         this->ike_sa_id->destroy(this->ike_sa_id);
  51         free(this);
  52 }
  53
  54 METHOD(job_t, execute, void,
  55         private_dpd_timeout_job_t *this)
  56 {
  57         ike_sa_t *ike_sa;
  58
  59         ike_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager,
  60                                                                                           this->ike_sa_id);
  61         if (ike_sa)
  62         {
  63                 /* check if no incoming packet during timeout, reestalish SA */
  64                 if (ike_sa->get_statistic(ike_sa, STAT_INBOUND) < this->check)
  65                 {
  66                         DBG1(DBG_JOB, "DPD check timed out, enforcing DPD action");
  67                         if (ike_sa->reestablish(ike_sa) == SUCCESS)
  68                         {
  69                                 charon->ike_sa_manager->checkin_and_destroy(
  70                                                                                         charon->ike_sa_manager, ike_sa);
  71                         }
  72                         else
  73                         {
  74                                 charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
  75                         }
  76                 }
  77                 else
  78                 {
  79                         charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
  80                 }
  81         }
  82         destroy(this);
  83 }
  84
  85 METHOD(job_t, get_priority, job_priority_t,
  86         private_dpd_timeout_job_t *this)
  87 {
  88         return JOB_PRIO_HIGH;
  89 }
  90
  91 /*
  92  * Described in header
  93  */
  94 dpd_timeout_job_t *dpd_timeout_job_create(ike_sa_id_t *ike_sa_id)
  95 {
  96         private_dpd_timeout_job_t *this;
  97
  98         INIT(this,
  99                 .public = {
 100                         .job_interface = {
 101                                 .execute = _execute,
 102                                 .get_priority = _get_priority,
 103                                 .destroy = _destroy,
 104                         },
 105                 },
 106                 .ike_sa_id = ike_sa_id->clone(ike_sa_id),
 107                 .check = time_monotonic(NULL),
 108         );
 109
 110         return &this->public;
 111 }