projects / strongswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge branch 'android-ndk'
[strongswan.git] / src / libcharon / processing / jobs / migrate_job.c
1 /*
2 * Copyright (C) 2008 Andreas Steffen
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "migrate_job.h"
17
18 #include <daemon.h>
19
20 #include <config/child_cfg.h>
21
22
23 typedef struct private_migrate_job_t private_migrate_job_t;
24
25 /**
26 * Private data of a migrate_job_t object.
27 */
28 struct private_migrate_job_t {
29 /**
30 * Public migrate_job_t interface.
31 */
32 migrate_job_t public;
33
34 /**
35 * reqid of the CHILD_SA if it already exists
36 */
37 u_int32_t reqid;
38
39 /**
40 * source traffic selector
41 */
42 traffic_selector_t *src_ts;
43
44 /**
45 * destination traffic selector
46 */
47 traffic_selector_t *dst_ts;
48
49 /**
50 * local host address to be used for IKE
51 */
52 host_t *local;
53
54 /**
55 * remote host address to be used for IKE
56 */
57 host_t *remote;
58 };
59
60 METHOD(job_t, destroy, void,
61 private_migrate_job_t *this)
62 {
63 DESTROY_IF(this->src_ts);
64 DESTROY_IF(this->dst_ts);
65 DESTROY_IF(this->local);
66 DESTROY_IF(this->remote);
67 free(this);
68 }
69
70 METHOD(job_t, execute, job_requeue_t,
71 private_migrate_job_t *this)
72 {
73 ike_sa_t *ike_sa = NULL;
74
75 if (this->reqid)
76 {
77 ike_sa = charon->ike_sa_manager->checkout_by_id(charon->ike_sa_manager,
78 this->reqid, TRUE);
79 }
80 if (ike_sa)
81 {
82 enumerator_t *children;
83 child_sa_t *child_sa;
84 host_t *host;
85
86 children = ike_sa->create_child_sa_enumerator(ike_sa);
87 while (children->enumerate(children, (void**)&child_sa))
88 {
89 if (child_sa->get_reqid(child_sa) == this->reqid)
90 {
91 break;
92 }
93 }
94 children->destroy(children);
95 DBG2(DBG_JOB, "found CHILD_SA with reqid {%d}", this->reqid);
96
97 ike_sa->set_kmaddress(ike_sa, this->local, this->remote);
98
99 host = this->local->clone(this->local);
100 host->set_port(host, charon->socket->get_port(charon->socket, FALSE));
101 ike_sa->set_my_host(ike_sa, host);
102
103 host = this->remote->clone(this->remote);
104 host->set_port(host, IKEV2_UDP_PORT);
105 ike_sa->set_other_host(ike_sa, host);
106
107 if (child_sa->update(child_sa, this->local, this->remote,
108 ike_sa->get_virtual_ip(ike_sa, TRUE),
109 ike_sa->has_condition(ike_sa, COND_NAT_ANY)) == NOT_SUPPORTED)
110 {
111 ike_sa->rekey_child_sa(ike_sa, child_sa->get_protocol(child_sa),
112 child_sa->get_spi(child_sa, TRUE));
113 }
114 charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
115 }
116 else
117 {
118 DBG1(DBG_JOB, "no CHILD_SA found with reqid {%d}", this->reqid);
119 }
120 return JOB_REQUEUE_NONE;
121 }
122
123 METHOD(job_t, get_priority, job_priority_t,
124 private_migrate_job_t *this)
125 {
126 return JOB_PRIO_MEDIUM;
127 }
128
129 /*
130 * Described in header
131 */
132 migrate_job_t *migrate_job_create(u_int32_t reqid,
133 traffic_selector_t *src_ts,
134 traffic_selector_t *dst_ts,
135 policy_dir_t dir,
136 host_t *local, host_t *remote)
137 {
138 private_migrate_job_t *this;
139
140 INIT(this,
141 .public = {
142 .job_interface = {
143 .execute = _execute,
144 .get_priority = _get_priority,
145 .destroy = _destroy,
146 },
147 },
148 .reqid = reqid,
149 .src_ts = (dir == POLICY_OUT) ? src_ts : dst_ts,
150 .dst_ts = (dir == POLICY_OUT) ? dst_ts : src_ts,
151 .local = local,
152 .remote = remote,
153 );
154
155 return &this->public;
156 }
strongSwan - IPsec VPN