Store IKE version of an SA on ike_sa_t.
authorTobias Brunner <tobias@strongswan.org>
Thu, 17 Nov 2011 15:26:52 +0000 (16:26 +0100)
committerTobias Brunner <tobias@strongswan.org>
Tue, 20 Mar 2012 16:30:43 +0000 (17:30 +0100)
src/libcharon/plugins/ha/ha_dispatcher.c
src/libcharon/sa/ike_sa.c
src/libcharon/sa/ike_sa.h
src/libcharon/sa/ike_sa_manager.c
src/libcharon/sa/ike_sa_manager.h
src/libcharon/sa/tasks/ike_reauth.c
src/libcharon/sa/tasks/ike_rekey.c

index 0a89e64..f430fee 100644 (file)
@@ -89,7 +89,7 @@ static void process_ike_add(private_ha_dispatcher_t *this, ha_message_t *message
                switch (attribute)
                {
                        case HA_IKE_ID:
-                               ike_sa = ike_sa_create(value.ike_sa_id);
+                               ike_sa = ike_sa_create(value.ike_sa_id, IKEV2);
                                break;
                        case HA_IKE_REKEY_ID:
                                old_sa = charon->ike_sa_manager->checkout(charon->ike_sa_manager,
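Review bot: The `HA_IKE_ID` case hard-codes `IKEV2` for every SA mirrored from the active node, so the version stored on the passive node is not taken from the SA being synced. If the HA plugin can only ever sync IKEv2 SAs, state that next to the call, e.g. `/* HA sync only handles IKEv2 SAs */`; otherwise the version would have to be carried in the HA message. This matters after a failover, because `get_version()` on this SA then decides the version of the SAs created by the reestablish, reauth and rekey hunks of this commit. The body of process_ike_add continues outside the hunk.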
index ee3220d..b59586b 100644 (file)
@@ -87,6 +87,11 @@ struct private_ike_sa_t {
        ike_sa_id_t *ike_sa_id;
 
        /**
+        * IKE version of this SA.
+        */
+       ike_version_t version;
+
+       /**
         * unique numerical ID for this IKE_SA.
         */
        u_int32_t unique_id;
@@ -1328,6 +1333,12 @@ METHOD(ike_sa_t, get_id, ike_sa_id_t*,
        return this->ike_sa_id;
 }
 
+METHOD(ike_sa_t, get_version, ike_version_t,
+       private_ike_sa_t *this)
+{
+       return this->version;
+}
+
 METHOD(ike_sa_t, get_my_id, identification_t*,
        private_ike_sa_t *this)
 {
@@ -1606,7 +1617,8 @@ METHOD(ike_sa_t, reestablish, status_t,
                return FAILED;
        }
 
-       new = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager, TRUE);
+       new = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager,
+                                                                                          this->version, TRUE);
        new->set_peer_cfg(new, this->peer_cfg);
        host = this->other_host;
        new->set_other_host(new, host->clone(host));
@@ -2105,13 +2117,14 @@ METHOD(ike_sa_t, destroy, void,
 /*
  * Described in header.
  */
-ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id)
+ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id, ike_version_t version)
 {
        private_ike_sa_t *this;
        static u_int32_t unique_id = 0;
 
        INIT(this,
                .public = {
+                       .get_version = _get_version,
                        .get_state = _get_state,
                        .set_state = _set_state,
                        .get_name = _get_name,
@@ -2191,6 +2204,7 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id)
 #endif /* ME */
                },
                .ike_sa_id = ike_sa_id->clone(ike_sa_id),
+               .version = version,
                .child_sas = linked_list_create(),
                .my_host = host_create_any(AF_INET),
                .other_host = host_create_any(AF_INET),
index cf23de3..21f7c74 100644 (file)
@@ -270,6 +270,11 @@ struct ike_sa_t {
        ike_sa_id_t* (*get_id) (ike_sa_t *this);
 
        /**
+        * Gets the IKE version of the SA
+        */
+       ike_version_t (*get_version)(ike_sa_t *this);
+
+       /**
         * Get the numerical ID uniquely defining this IKE_SA.
         *
         * @return                              unique ID
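Review bot: The doc block added for `get_version` has no `@return` line, while the block directly below it documents its return value. Add `* @return IKE version of this SA` (aligned like the neighbouring blocks) so the generated API docs say what callers get back.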
@@ -288,7 +293,7 @@ struct ike_sa_t {
         *
         * @param state                 state to set for the IKE_SA
         */
-       void (*set_state) (ike_sa_t *this, ike_sa_state_t ike_sa);
+       void (*set_state) (ike_sa_t *this, ike_sa_state_t state);
 
        /**
         * Get the name of the connection this IKE_SA uses.
@@ -951,11 +956,12 @@ struct ike_sa_t {
 };
 
 /**
- * Creates an ike_sa_t object with a specific ID.
+ * Creates an ike_sa_t object with a specific ID and IKE version.
  *
- * @param ike_sa_id            ike_sa_id_t object to associate with new IKE_SA
+ * @param ike_sa_id            ike_sa_id_t to associate with new IKE_SA/ISAKMP_SA
+ * @param version              IKE version of this SA
  * @return                             ike_sa_t object
  */
-ike_sa_t *ike_sa_create(ike_sa_id_t *ike_sa_id);
+ike_sa_t *ike_sa_create(ike_sa_id_t *ike_sa_id, ike_version_t version);
 
 #endif /** IKE_SA_H_ @}*/
index 6b2d173..62f9cc9 100644 (file)
@@ -941,7 +941,7 @@ METHOD(ike_sa_manager_t, checkout, ike_sa_t*,
 }
 
 METHOD(ike_sa_manager_t, checkout_new, ike_sa_t*,
-       private_ike_sa_manager_t* this, bool initiator)
+       private_ike_sa_manager_t* this, ike_version_t version, bool initiator)
 {
        ike_sa_id_t *ike_sa_id;
        ike_sa_t *ike_sa;
@@ -954,7 +954,7 @@ METHOD(ike_sa_manager_t, checkout_new, ike_sa_t*,
        {
                ike_sa_id = ike_sa_id_create(0, get_spi(this), FALSE);
        }
-       ike_sa = ike_sa_create(ike_sa_id);
+       ike_sa = ike_sa_create(ike_sa_id, version);
        ike_sa_id->destroy(ike_sa_id);
 
        DBG2(DBG_MGR, "created IKE_SA %s[%u]", ike_sa->get_name(ike_sa),
@@ -970,6 +970,7 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
        entry_t *entry;
        ike_sa_t *ike_sa = NULL;
        ike_sa_id_t *id;
+       ike_version_t ike_version;
        bool is_init = FALSE;
 
        id = message->get_ike_sa_id(message);
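Review bot: `ike_version` is declared without an initial value, yet it is later read by `ike_sa_create(id, ike_version)`. It is assigned only in the two branches that also set `is_init`: the `IKE_SA_INIT` request branch and the `ID_PROT`/`AGGRESSIVE` branch in the next two hunks. The guard around the create call is not visible in these hunks; presumably it tests `is_init`, but nothing at the declaration records that dependency. A later edit that loosens the guard would read an indeterminate value while handling an unauthenticated first message. Document the invariant at the declaration, `/* only set, and only read, if is_init is TRUE */`, or assign the variable once from the message's version before the branches. The body of checkout_by_message starts and ends outside the hunk.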
@@ -985,6 +986,7 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
                        if (message->get_exchange_type(message) == IKE_SA_INIT &&
                                message->get_request(message))
                        {
+                               ike_version = IKEV2;
                                is_init = TRUE;
                        }
                }
@@ -993,6 +995,7 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
                        if (message->get_exchange_type(message) == ID_PROT ||
                                message->get_exchange_type(message) == AGGRESSIVE)
                        {
+                               ike_version = IKEV1;
                                is_init = TRUE;
                        }
                }
@@ -1034,7 +1037,7 @@ METHOD(ike_sa_manager_t, checkout_by_message, ike_sa_t*,
                        /* no IKE_SA found, create a new one */
                        id->set_responder_spi(id, get_spi(this));
                        entry = entry_create();
-                       entry->ike_sa = ike_sa_create(id);
+                       entry->ike_sa = ike_sa_create(id, ike_version);
                        entry->ike_sa_id = id->clone(id);
 
                        segment = put_entry(this, entry);
@@ -1103,7 +1106,7 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
 
        if (!this->reuse_ikesa)
        {       /* IKE_SA reuse disable by config */
-               ike_sa = checkout_new(this, TRUE);
+               ike_sa = checkout_new(this, peer_cfg->get_ike_version(peer_cfg), TRUE);
                charon->bus->set_sa(charon->bus, ike_sa);
                return ike_sa;
        }
@@ -1139,7 +1142,7 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
 
        if (!ike_sa)
        {       /* no IKE_SA using such a config, hand out a new */
-               ike_sa = checkout_new(this, TRUE);
+               ike_sa = checkout_new(this, peer_cfg->get_ike_version(peer_cfg), TRUE);
        }
        charon->bus->set_sa(charon->bus, ike_sa);
        return ike_sa;
index 5e542e7..bf75b76 100644 (file)
@@ -52,10 +52,12 @@ struct ike_sa_manager_t {
        /**
         * Create and check out a new IKE_SA.
         *
+        * @param version                       IKE version of this SA
         * @param initiator                     TRUE for initiator, FALSE otherwise
         * @returns                             created and checked out IKE_SA
         */
-       ike_sa_t* (*checkout_new) (ike_sa_manager_t* this, bool initiator);
+       ike_sa_t* (*checkout_new) (ike_sa_manager_t* this, ike_version_t version,
+                                                          bool initiator);
 
        /**
         * Checkout an IKE_SA by a message.
index 6cda0dd..197849d 100644 (file)
@@ -54,6 +54,7 @@ METHOD(task_t, process_i, status_t,
        ike_sa_t *new;
        host_t *host;
        enumerator_t *enumerator;
+       ike_version_t version;
        child_sa_t *child_sa;
        peer_cfg_t *peer_cfg;
 
@@ -74,7 +75,9 @@ METHOD(task_t, process_i, status_t,
                return FAILED;
        }
 
-       new = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager, TRUE);
+       version = this->ike_sa->get_version(this->ike_sa);
+       new = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager, version,
+                                                                                          TRUE);
 
        new->set_peer_cfg(new, peer_cfg);
        host = this->ike_sa->get_other_host(this->ike_sa);
index 826d6e1..c089eda 100644 (file)
@@ -129,8 +129,9 @@ METHOD(task_t, build_i, status_t,
        /* create new SA only on first try */
        if (this->new_sa == NULL)
        {
-               this->new_sa = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager,
-                                                                                                                       TRUE);
+               ike_version_t version = this->ike_sa->get_version(this->ike_sa);
+               this->new_sa = charon->ike_sa_manager->checkout_new(
+                                                                               charon->ike_sa_manager, version, TRUE);
 
                peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa);
                other_host = this->ike_sa->get_other_host(this->ike_sa);
@@ -148,6 +149,7 @@ METHOD(task_t, process_r, status_t,
        private_ike_rekey_t *this, message_t *message)
 {
        enumerator_t *enumerator;
+       ike_version_t version;
        peer_cfg_t *peer_cfg;
        child_sa_t *child_sa;
 
@@ -175,8 +177,9 @@ METHOD(task_t, process_r, status_t,
        }
        enumerator->destroy(enumerator);
 
+       version = this->ike_sa->get_version(this->ike_sa);
        this->new_sa = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager,
-                                                                                                               FALSE);
+                                                                                                               version, FALSE);
 
        peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa);
        this->new_sa->set_peer_cfg(this->new_sa, peer_cfg);