daemon: Flush shunts before unloading plugins
[strongswan.git] / src / libcharon / control / controller.c
index 0ee99c4..fd8349e 100644 (file)
@@ -20,7 +20,6 @@
 #include <sys/types.h>
 #include <dirent.h>
 #include <sys/stat.h>
-#include <dlfcn.h>
 
 #include <daemon.h>
 #include <library.h>
@@ -304,6 +303,18 @@ METHOD(listener_t, child_state_change, bool,
                                                /* proper delete */
                                                this->status = SUCCESS;
                                                break;
+                                       case CHILD_RETRYING:
+                                               /* retrying with a different DH group; survive another
+                                                * initiation round */
+                                               this->status = NEED_MORE;
+                                               return TRUE;
+                                       case CHILD_CREATED:
+                                               if (this->status == NEED_MORE)
+                                               {
+                                                       this->status = FAILED;
+                                                       return TRUE;
+                                               }
+                                               break;
                                        default:
                                                break;
                                }
@@ -412,6 +423,7 @@ METHOD(controller_t, initiate, status_t,
                .refcount = 1,
        );
        job->listener.logger.listener = &job->listener;
+       thread_cleanup_push((void*)destroy_job, job);
 
        if (callback == NULL)
        {
@@ -425,7 +437,7 @@ METHOD(controller_t, initiate, status_t,
                }
        }
        status = job->listener.status;
-       destroy_job(job);
+       thread_cleanup_pop(TRUE);
        return status;
 }
 
@@ -437,7 +449,7 @@ METHOD(job_t, terminate_ike_execute, job_requeue_t,
        ike_sa_t *ike_sa;
 
        ike_sa = charon->ike_sa_manager->checkout_by_id(charon->ike_sa_manager,
-                                                                                                       unique_id, FALSE);
+                                                                                                       unique_id);
        if (!ike_sa)
        {
                DBG1(DBG_IKE, "unable to terminate IKE_SA: ID %d not found", unique_id);
@@ -500,6 +512,7 @@ METHOD(controller_t, terminate_ike, status_t,
                .refcount = 1,
        );
        job->listener.logger.listener = &job->listener;
+       thread_cleanup_push((void*)destroy_job, job);
 
        if (callback == NULL)
        {
@@ -513,7 +526,7 @@ METHOD(controller_t, terminate_ike, status_t,
                }
        }
        status = job->listener.status;
-       destroy_job(job);
+       thread_cleanup_pop(TRUE);
        return status;
 }
 
@@ -521,17 +534,15 @@ METHOD(job_t, terminate_child_execute, job_requeue_t,
        interface_job_t *job)
 {
        interface_listener_t *listener = &job->listener;
-       u_int32_t reqid = listener->id;
-       enumerator_t *enumerator;
+       u_int32_t id = listener->id;
        child_sa_t *child_sa;
        ike_sa_t *ike_sa;
 
-       ike_sa = charon->ike_sa_manager->checkout_by_id(charon->ike_sa_manager,
-                                                                                                       reqid, TRUE);
+       ike_sa = charon->child_sa_manager->checkout_by_id(charon->child_sa_manager,
+                                                                                                         id, &child_sa);
        if (!ike_sa)
        {
-               DBG1(DBG_IKE, "unable to terminate, CHILD_SA with ID %d not found",
-                        reqid);
+               DBG1(DBG_IKE, "unable to terminate, CHILD_SA with ID %d not found", id);
                listener->status = NOT_FOUND;
                /* release listener */
                listener_done(listener);
@@ -541,22 +552,10 @@ METHOD(job_t, terminate_child_execute, job_requeue_t,
        listener->ike_sa = ike_sa;
        listener->lock->unlock(listener->lock);
 
-       enumerator = ike_sa->create_child_sa_enumerator(ike_sa);
-       while (enumerator->enumerate(enumerator, (void**)&child_sa))
-       {
-               if (child_sa->get_state(child_sa) != CHILD_ROUTED &&
-                       child_sa->get_reqid(child_sa) == reqid)
-               {
-                       break;
-               }
-               child_sa = NULL;
-       }
-       enumerator->destroy(enumerator);
-
-       if (!child_sa)
+       if (child_sa->get_state(child_sa) == CHILD_ROUTED)
        {
                DBG1(DBG_IKE, "unable to terminate, established "
-                        "CHILD_SA with ID %d not found", reqid);
+                        "CHILD_SA with ID %d not found", id);
                charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
                listener->status = NOT_FOUND;
                /* release listener */
@@ -583,7 +582,7 @@ METHOD(job_t, terminate_child_execute, job_requeue_t,
 }
 
 METHOD(controller_t, terminate_child, status_t,
-       controller_t *this, u_int32_t reqid,
+       controller_t *this, u_int32_t unique_id,
        controller_cb_t callback, void *param, u_int timeout)
 {
        interface_job_t *job;
@@ -604,7 +603,7 @@ METHOD(controller_t, terminate_child, status_t,
                                .param = param,
                        },
                        .status = FAILED,
-                       .id = reqid,
+                       .id = unique_id,
                        .lock = spinlock_create(),
                },
                .public = {
@@ -615,6 +614,7 @@ METHOD(controller_t, terminate_child, status_t,
                .refcount = 1,
        );
        job->listener.logger.listener = &job->listener;
+       thread_cleanup_push((void*)destroy_job, job);
 
        if (callback == NULL)
        {
@@ -628,7 +628,7 @@ METHOD(controller_t, terminate_child, status_t,
                }
        }
        status = job->listener.status;
-       destroy_job(job);
+       thread_cleanup_pop(TRUE);
        return status;
 }