Check in task manager if we have to requeue IKE tasks in a non-first keyingtry
authorMartin Willi <martin@revosec.ch>
Mon, 19 Dec 2011 13:46:56 +0000 (14:46 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 20 Mar 2012 16:31:27 +0000 (17:31 +0100)
src/libcharon/sa/ike_sa.c
src/libcharon/sa/ikev2/task_manager_v2.c

index d3aad94..43e61ef 100644 (file)
@@ -1491,40 +1491,6 @@ METHOD(ike_sa_t, reestablish, status_t,
        return status;
 }
 
-/**
- * Requeue the IKE_SA_INIT tasks for initiation, if required
- */
-static void requeue_init_tasks(private_ike_sa_t *this)
-{
-       enumerator_t *enumerator;
-       bool has_init = FALSE;
-       task_t *task;
-
-       /* if we have advanced to IKE_AUTH, the IKE_INIT and related tasks
-        * have already completed. Recreate them if necessary. */
-       enumerator = this->task_manager->create_task_enumerator(
-                                                                               this->task_manager, TASK_QUEUE_QUEUED);
-       while (enumerator->enumerate(enumerator, &task))
-       {
-               if (task->get_type(task) == TASK_IKE_INIT)
-               {
-                       has_init = TRUE;
-                       break;
-               }
-       }
-       enumerator->destroy(enumerator);
-
-       if (!has_init)
-       {
-               task = (task_t*)ike_vendor_create(&this->public, TRUE);
-               this->task_manager->queue_task(this->task_manager, task);
-               task = (task_t*)ike_natd_create(&this->public, TRUE);
-               this->task_manager->queue_task(this->task_manager, task);
-               task = (task_t*)ike_init_create(&this->public, TRUE, NULL);
-               this->task_manager->queue_task(this->task_manager, task);
-       }
-}
-
 METHOD(ike_sa_t, retransmit, status_t,
        private_ike_sa_t *this, u_int32_t message_id)
 {
@@ -1544,7 +1510,7 @@ METHOD(ike_sa_t, retransmit, status_t,
                                        DBG1(DBG_IKE, "peer not responding, trying again (%d/%d)",
                                                 this->keyingtry + 1, tries);
                                        reset(this);
-                                       requeue_init_tasks(this);
+                                       this->task_manager->queue_ike(this->task_manager);
                                        return this->task_manager->initiate(this->task_manager);
                                }
                                DBG1(DBG_IKE, "establishing IKE_SA failed, peer not responding");
index f2cfad2..91589b1 100644 (file)
@@ -1182,23 +1182,52 @@ METHOD(task_manager_t, queue_ike, void,
 {
        peer_cfg_t *peer_cfg;
 
-       queue_task(this, (task_t*)ike_vendor_create(this->ike_sa, TRUE));
-       queue_task(this, (task_t*)ike_init_create(this->ike_sa, TRUE, NULL));
-       queue_task(this, (task_t*)ike_natd_create(this->ike_sa, TRUE));
-       queue_task(this, (task_t*)ike_cert_pre_create(this->ike_sa, TRUE));
-       queue_task(this, (task_t*)ike_auth_create(this->ike_sa, TRUE));
-       queue_task(this, (task_t*)ike_cert_post_create(this->ike_sa, TRUE));
-       queue_task(this, (task_t*)ike_config_create(this->ike_sa, TRUE));
-       queue_task(this, (task_t*)ike_auth_lifetime_create(this->ike_sa, TRUE));
-
-       peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa);
-       if (peer_cfg->use_mobike(peer_cfg))
+       enumerator_t *enumerator;
+       bool has_init = FALSE, has_auth = FALSE;
+       task_t *task;
+
+       /* when initiating with a non-first keying try, IKE_AUTH is still queued,
+        * but IKE_INIT is not */
+       enumerator = this->passive_tasks->create_enumerator(this->passive_tasks);
+       while (enumerator->enumerate(enumerator, &task))
        {
-               queue_task(this, (task_t*)ike_mobike_create(this->ike_sa, TRUE));
+               switch (task->get_type(task))
+               {
+                       case TASK_IKE_INIT:
+                               has_init = TRUE;
+                               break;
+                       case TASK_IKE_AUTH:
+                               has_auth = TRUE;
+                               break;
+                       default:
+                               break;
+               }
+       }
+       enumerator->destroy(enumerator);
+
+       if (!has_init)
+       {
+               queue_task(this, (task_t*)ike_vendor_create(this->ike_sa, TRUE));
+               queue_task(this, (task_t*)ike_init_create(this->ike_sa, TRUE, NULL));
+               queue_task(this, (task_t*)ike_natd_create(this->ike_sa, TRUE));
        }
+       if (!has_auth)
+       {
+               queue_task(this, (task_t*)ike_cert_pre_create(this->ike_sa, TRUE));
+               queue_task(this, (task_t*)ike_auth_create(this->ike_sa, TRUE));
+               queue_task(this, (task_t*)ike_cert_post_create(this->ike_sa, TRUE));
+               queue_task(this, (task_t*)ike_config_create(this->ike_sa, TRUE));
+               queue_task(this, (task_t*)ike_auth_lifetime_create(this->ike_sa, TRUE));
+
+               peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa);
+               if (peer_cfg->use_mobike(peer_cfg))
+               {
+                       queue_task(this, (task_t*)ike_mobike_create(this->ike_sa, TRUE));
+               }
 #ifdef ME
-       queue_task(this, (task_t*)ike_me_create(this->ike_sa, TRUE));
+               queue_task(this, (task_t*)ike_me_create(this->ike_sa, TRUE));
 #endif /* ME */
+       }
 }
 
 METHOD(task_manager_t, queue_ike_rekey, void,