Replaced ike_sa_t.create_child_sa_iterator with enumerator.
authorTobias Brunner <tobias@strongswan.org>
Thu, 19 May 2011 15:27:32 +0000 (17:27 +0200)
committerTobias Brunner <tobias@strongswan.org>
Wed, 6 Jul 2011 07:43:45 +0000 (09:43 +0200)
This required two new methods on ike_sa_t. One returns the number of
CHILD_SAs and one allows to remove a CHILD_SA.

16 files changed:
src/conftest/actions.c
src/libcharon/bus/bus.c
src/libcharon/control/controller.c
src/libcharon/plugins/ha/ha_cache.c
src/libcharon/plugins/smp/smp.c
src/libcharon/plugins/stroke/stroke_control.c
src/libcharon/plugins/stroke/stroke_list.c
src/libcharon/plugins/uci/uci_control.c
src/libcharon/processing/jobs/inactivity_job.c
src/libcharon/processing/jobs/migrate_job.c
src/libcharon/sa/ike_sa.c
src/libcharon/sa/ike_sa.h
src/libcharon/sa/ike_sa_manager.c
src/libcharon/sa/tasks/ike_mobike.c
src/libcharon/sa/tasks/ike_reauth.c
src/libcharon/sa/tasks/ike_rekey.c

index d07e563..1844d0c 100644 (file)
@@ -114,8 +114,7 @@ static job_requeue_t rekey_ike(char *config)
  */
 static job_requeue_t rekey_child(char *config)
 {
-       enumerator_t *enumerator;
-       iterator_t *children;
+       enumerator_t *enumerator, *children;
        ike_sa_t *ike_sa;
        child_sa_t *child_sa;
        u_int32_t reqid = 0, spi = 0;
@@ -125,8 +124,8 @@ static job_requeue_t rekey_child(char *config)
                                                                                                        charon->controller, TRUE);
        while (enumerator->enumerate(enumerator, &ike_sa))
        {
-               children = ike_sa->create_child_sa_iterator(ike_sa);
-               while (children->iterate(children, (void**)&child_sa))
+               children = ike_sa->create_child_sa_enumerator(ike_sa);
+               while (children->enumerate(children, (void**)&child_sa))
                {
                        if (streq(config, child_sa->get_name(child_sa)))
                        {
@@ -222,8 +221,7 @@ static job_requeue_t close_ike(char *config)
  */
 static job_requeue_t close_child(char *config)
 {
-       enumerator_t *enumerator;
-       iterator_t *children;
+       enumerator_t *enumerator, *children;
        ike_sa_t *ike_sa;
        child_sa_t *child_sa;
        int id = 0;
@@ -233,8 +231,8 @@ static job_requeue_t close_child(char *config)
        while (enumerator->enumerate(enumerator, &ike_sa))
        {
 
-               children = ike_sa->create_child_sa_iterator(ike_sa);
-               while (children->iterate(children, (void**)&child_sa))
+               children = ike_sa->create_child_sa_enumerator(ike_sa);
+               while (children->enumerate(children, (void**)&child_sa))
                {
                        if (streq(config, child_sa->get_name(child_sa)))
                        {
index 23931c4..f2f59d7 100644 (file)
@@ -564,15 +564,15 @@ METHOD(bus_t, ike_updown, void,
        /* a down event for IKE_SA implicitly downs all CHILD_SAs */
        if (!up)
        {
-               iterator_t *iterator;
+               enumerator_t *enumerator;
                child_sa_t *child_sa;
 
-               iterator = ike_sa->create_child_sa_iterator(ike_sa);
-               while (iterator->iterate(iterator, (void**)&child_sa))
+               enumerator = ike_sa->create_child_sa_enumerator(ike_sa);
+               while (enumerator->enumerate(enumerator, (void**)&child_sa))
                {
                        child_updown(this, child_sa, FALSE);
                }
-               iterator->destroy(iterator);
+               enumerator->destroy(enumerator);
        }
 }
 
index 09291c8..3893a61 100644 (file)
@@ -367,7 +367,7 @@ METHOD(controller_t, terminate_child, status_t,
 {
        ike_sa_t *ike_sa;
        child_sa_t *child_sa;
-       iterator_t *iterator;
+       enumerator_t *enumerator;
        interface_job_t job = {
                .listener = {
                        .public = {
@@ -397,8 +397,8 @@ METHOD(controller_t, terminate_child, status_t,
        }
        job.listener.ike_sa = ike_sa;
 
-       iterator = ike_sa->create_child_sa_iterator(ike_sa);
-       while (iterator->iterate(iterator, (void**)&child_sa))
+       enumerator = ike_sa->create_child_sa_enumerator(ike_sa);
+       while (enumerator->enumerate(enumerator, (void**)&child_sa))
        {
                if (child_sa->get_state(child_sa) != CHILD_ROUTED &&
                        child_sa->get_reqid(child_sa) == reqid)
@@ -407,7 +407,7 @@ METHOD(controller_t, terminate_child, status_t,
                }
                child_sa = NULL;
        }
-       iterator->destroy(iterator);
+       enumerator->destroy(enumerator);
 
        if (child_sa == NULL)
        {
index b6525a8..a7ddc28 100644 (file)
@@ -196,12 +196,12 @@ METHOD(ha_cache_t, delete_, void,
  */
 static status_t rekey_children(ike_sa_t *ike_sa)
 {
-       iterator_t *iterator;
+       enumerator_t *enumerator;
        child_sa_t *child_sa;
        status_t status = SUCCESS;
 
-       iterator = ike_sa->create_child_sa_iterator(ike_sa);
-       while (iterator->iterate(iterator, (void**)&child_sa))
+       enumerator = ike_sa->create_child_sa_enumerator(ike_sa);
+       while (enumerator->enumerate(enumerator, (void**)&child_sa))
        {
                DBG1(DBG_CFG, "resyncing CHILD_SA");
                status = ike_sa->rekey_child_sa(ike_sa, child_sa->get_protocol(child_sa),
@@ -211,7 +211,7 @@ static status_t rekey_children(ike_sa_t *ike_sa)
                        break;
                }
        }
-       iterator->destroy(iterator);
+       enumerator->destroy(enumerator);
        return status;
 }
 
index 58f98cf..ea54dbf 100644 (file)
@@ -214,7 +214,7 @@ static void request_query_ikesa(xmlTextReaderPtr reader, xmlTextWriterPtr writer
        {
                ike_sa_id_t *id;
                host_t *local, *remote;
-               iterator_t *children;
+               enumerator_t *children;
                child_sa_t *child_sa;
 
                id = ike_sa->get_id(ike_sa);
@@ -264,8 +264,8 @@ static void request_query_ikesa(xmlTextReaderPtr reader, xmlTextWriterPtr writer
 
                /* <childsalist> */
                xmlTextWriterStartElement(writer, "childsalist");
-               children = ike_sa->create_child_sa_iterator(ike_sa);
-               while (children->iterate(children, (void**)&child_sa))
+               children = ike_sa->create_child_sa_enumerator(ike_sa);
+               while (children->enumerate(children, (void**)&child_sa))
                {
                        write_child(writer, child_sa);
                }
index 9557648..972606d 100644 (file)
@@ -294,12 +294,12 @@ METHOD(stroke_control_t, terminate, void,
        while (enumerator->enumerate(enumerator, &ike_sa))
        {
                child_sa_t *child_sa;
-               iterator_t *children;
+               enumerator_t *children;
 
                if (child)
                {
-                       children = ike_sa->create_child_sa_iterator(ike_sa);
-                       while (children->iterate(children, (void**)&child_sa))
+                       children = ike_sa->create_child_sa_enumerator(ike_sa);
+                       while (children->enumerate(children, (void**)&child_sa))
                        {
                                if (streq(name, child_sa->get_name(child_sa)))
                                {
@@ -374,12 +374,12 @@ METHOD(stroke_control_t, rekey, void,
        while (enumerator->enumerate(enumerator, &ike_sa))
        {
                child_sa_t *child_sa;
-               iterator_t *children;
+               enumerator_t *children;
 
                if (child)
                {
-                       children = ike_sa->create_child_sa_iterator(ike_sa);
-                       while (children->iterate(children, (void**)&child_sa))
+                       children = ike_sa->create_child_sa_enumerator(ike_sa);
+                       while (children->enumerate(children, (void**)&child_sa))
                        {
                                if ((name && streq(name, child_sa->get_name(child_sa))) ||
                                        (id && id == child_sa->get_reqid(child_sa)))
@@ -486,8 +486,7 @@ METHOD(stroke_control_t, terminate_srcip, void,
 METHOD(stroke_control_t, purge_ike, void,
        private_stroke_control_t *this, stroke_msg_t *msg, FILE *out)
 {
-       enumerator_t *enumerator;
-       iterator_t *iterator;
+       enumerator_t *enumerator, *children;
        ike_sa_t *ike_sa;
        child_sa_t *child_sa;
        linked_list_t *list;
@@ -502,13 +501,13 @@ METHOD(stroke_control_t, purge_ike, void,
                                                                                                        charon->controller, TRUE);
        while (enumerator->enumerate(enumerator, &ike_sa))
        {
-               iterator = ike_sa->create_child_sa_iterator(ike_sa);
-               if (!iterator->iterate(iterator, (void**)&child_sa))
+               children = ike_sa->create_child_sa_enumerator(ike_sa);
+               if (!children->enumerate(children, (void**)&child_sa))
                {
                        list->insert_last(list,
                                                (void*)(uintptr_t)ike_sa->get_unique_id(ike_sa));
                }
-               iterator->destroy(iterator);
+               children->destroy(children);
        }
        enumerator->destroy(enumerator);
 
index d93164d..6995f6e 100644 (file)
@@ -576,7 +576,7 @@ METHOD(stroke_list_t, status, void,
        while (enumerator->enumerate(enumerator, &ike_sa))
        {
                bool ike_printed = FALSE;
-               iterator_t *children = ike_sa->create_child_sa_iterator(ike_sa);
+               enumerator_t *children = ike_sa->create_child_sa_enumerator(ike_sa);
 
                if (name == NULL || streq(name, ike_sa->get_name(ike_sa)))
                {
@@ -585,7 +585,7 @@ METHOD(stroke_list_t, status, void,
                        ike_printed = TRUE;
                }
 
-               while (children->iterate(children, (void**)&child_sa))
+               while (children->enumerate(children, (void**)&child_sa))
                {
                        if (name == NULL || streq(name, child_sa->get_name(child_sa)))
                        {
index 1fe9818..caf8acf 100644 (file)
@@ -76,8 +76,7 @@ static void write_fifo(private_uci_control_t *this, char *format, ...)
  */
 static void status(private_uci_control_t *this, char *name)
 {
-       enumerator_t *configs, *sas;
-       iterator_t *children;
+       enumerator_t *configs, *sas, *children;
        ike_sa_t *ike_sa;
        child_sa_t *child_sa;
        peer_cfg_t *peer_cfg;
@@ -111,8 +110,8 @@ static void status(private_uci_control_t *this, char *name)
                        fprintf(out, "%-8s %-20D %-16H ", ike_sa->get_name(ike_sa),
                                ike_sa->get_other_id(ike_sa), ike_sa->get_other_host(ike_sa));
 
-                       children = ike_sa->create_child_sa_iterator(ike_sa);
-                       while (children->iterate(children, (void**)&child_sa))
+                       children = ike_sa->create_child_sa_enumerator(ike_sa);
+                       while (children->enumerate(children, (void**)&child_sa))
                        {
                                fprintf(out, "%#R",
                                                child_sa->get_traffic_selectors(child_sa, FALSE));
index f3140c7..251b9ab 100644 (file)
@@ -61,15 +61,15 @@ METHOD(job_t, execute, void,
                                                                                                        this->reqid, TRUE);
        if (ike_sa)
        {
-               iterator_t *iterator;
+               enumerator_t *enumerator;
                child_sa_t *child_sa;
                u_int32_t delete = 0;
                protocol_id_t proto = 0;
                int children = 0;
                status_t status = SUCCESS;
 
-               iterator = ike_sa->create_child_sa_iterator(ike_sa);
-               while (iterator->iterate(iterator, (void**)&child_sa))
+               enumerator = ike_sa->create_child_sa_enumerator(ike_sa);
+               while (enumerator->enumerate(enumerator, (void**)&child_sa))
                {
                        if (child_sa->get_reqid(child_sa) == this->reqid)
                        {
@@ -94,7 +94,7 @@ METHOD(job_t, execute, void,
                        }
                        children++;
                }
-               iterator->destroy(iterator);
+               enumerator->destroy(enumerator);
 
                if (delete)
                {
index 7190826..eb10e2e 100644 (file)
@@ -79,12 +79,12 @@ METHOD(job_t, execute, void,
        }
        if (ike_sa)
        {
-               iterator_t *children;
+               enumerator_t *children;
                child_sa_t *child_sa;
                host_t *host;
 
-               children = ike_sa->create_child_sa_iterator(ike_sa);
-               while (children->iterate(children, (void**)&child_sa))
+               children = ike_sa->create_child_sa_enumerator(ike_sa);
+               while (children->enumerate(children, (void**)&child_sa))
                {
                        if (child_sa->get_reqid(child_sa) == this->reqid)
                        {
index be93ca4..f4ce35d 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2006-2008 Tobias Brunner
+ * Copyright (C) 2006-2011 Tobias Brunner
  * Copyright (C) 2006 Daniel Roethlisberger
  * Copyright (C) 2005-2009 Martin Willi
  * Copyright (C) 2005 Jan Hutter
@@ -1393,10 +1393,22 @@ METHOD(ike_sa_t, get_child_sa, child_sa_t*,
        return found;
 }
 
-METHOD(ike_sa_t, create_child_sa_iterator, iterator_t*,
+METHOD(ike_sa_t, get_child_count, int,
        private_ike_sa_t *this)
 {
-       return this->child_sas->create_iterator(this->child_sas, TRUE);
+       return this->child_sas->get_count(this->child_sas);
+}
+
+METHOD(ike_sa_t, create_child_sa_enumerator, enumerator_t*,
+       private_ike_sa_t *this)
+{
+       return this->child_sas->create_enumerator(this->child_sas);
+}
+
+METHOD(ike_sa_t, remove_child_sa, void,
+       private_ike_sa_t *this, enumerator_t *enumerator)
+{
+       this->child_sas->remove_at(this->child_sas, enumerator);
 }
 
 METHOD(ike_sa_t, rekey_child_sa, status_t,
@@ -2113,7 +2125,9 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id)
                        .get_keymat = _get_keymat,
                        .add_child_sa = _add_child_sa,
                        .get_child_sa = _get_child_sa,
-                       .create_child_sa_iterator = _create_child_sa_iterator,
+                       .get_child_count = _get_child_count,
+                       .create_child_sa_enumerator = _create_child_sa_enumerator,
+                       .remove_child_sa = _remove_child_sa,
                        .rekey_child_sa = _rekey_child_sa,
                        .delete_child_sa = _delete_child_sa,
                        .destroy_child_sa = _destroy_child_sa,
index 69a74d8..1b2ccd7 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2006-2008 Tobias Brunner
+ * Copyright (C) 2006-2011 Tobias Brunner
  * Copyright (C) 2006 Daniel Roethlisberger
  * Copyright (C) 2005-2009 Martin Willi
  * Copyright (C) 2005 Jan Hutter
@@ -260,14 +260,14 @@ struct ike_sa_t {
         *
         * Returned ike_sa_id_t object is not getting cloned!
         *
-        * @return                              ike_sa's ike_sa_id_t
+        * @return                              ike_sa's ike_sa_id_t
         */
        ike_sa_id_t* (*get_id) (ike_sa_t *this);
 
        /**
         * Get the numerical ID uniquely defining this IKE_SA.
         *
-        * @return                              unique ID
+        * @return                              unique ID
         */
        u_int32_t (*get_unique_id) (ike_sa_t *this);
 
@@ -474,7 +474,7 @@ struct ike_sa_t {
        /**
         * Create an iterator over all additional addresses of the peer.
         *
-        * @return                              iterator over addresses
+        * @return                              iterator over addresses
         */
        iterator_t* (*create_additional_address_iterator)(ike_sa_t *this);
 
@@ -567,8 +567,8 @@ struct ike_sa_t {
         *
         * @param mediated_cfg  peer_cfg of the mediated connection
         * @return
-        *                                              - SUCCESS if initialization started
-        *                                              - DESTROY_ME if initialization failed
+        *                                              - SUCCESS if initialization started
+        *                                              - DESTROY_ME if initialization failed
         */
        status_t (*initiate_mediation) (ike_sa_t *this, peer_cfg_t *mediated_cfg);
 
@@ -579,8 +579,8 @@ struct ike_sa_t {
         * @param other                 remote endpoint (gets cloned)
         * @param connect_id    connect ID (gets cloned)
         * @return
-        *                                              - SUCCESS if initialization started
-        *                                              - DESTROY_ME if initialization failed
+        *                                              - SUCCESS if initialization started
+        *                                              - DESTROY_ME if initialization failed
         */
        status_t (*initiate_mediated) (ike_sa_t *this, host_t *me, host_t *other,
                                                                   chunk_t connect_id);
@@ -597,8 +597,8 @@ struct ike_sa_t {
         * @param endpoints             endpoints
         * @param response              TRUE if this is a response
         * @return
-        *                                              - SUCCESS if relay started
-        *                                              - DESTROY_ME if relay failed
+        *                                              - SUCCESS if relay started
+        *                                              - DESTROY_ME if relay failed
         */
        status_t (*relay) (ike_sa_t *this, identification_t *requester,
                                           chunk_t connect_id, chunk_t connect_key,
@@ -611,8 +611,8 @@ struct ike_sa_t {
         *
         * @param peer_id               ID of the other peer
         * @return
-        *                                              - SUCCESS if response started
-        *                                              - DESTROY_ME if response failed
+        *                                              - SUCCESS if response started
+        *                                              - DESTROY_ME if response failed
         */
        status_t (*callback) (ike_sa_t *this, identification_t *peer_id);
 
@@ -624,8 +624,8 @@ struct ike_sa_t {
         * @param peer_id               ID of the other peer
         * @param connect_id    the connect ID supplied by the initiator
         * @return
-        *                                              - SUCCESS if response started
-        *                                              - DESTROY_ME if response failed
+        *                                              - SUCCESS if response started
+        *                                              - DESTROY_ME if response failed
         */
        status_t (*respond) (ike_sa_t *this, identification_t *peer_id,
                                                 chunk_t connect_id);
@@ -643,8 +643,8 @@ struct ike_sa_t {
         * @param tsi                   source of triggering packet
         * @param tsr                   destination of triggering packet.
         * @return
-        *                                              - SUCCESS if initialization started
-        *                                              - DESTROY_ME if initialization failed
+        *                                              - SUCCESS if initialization started
+        *                                              - DESTROY_ME if initialization failed
         */
        status_t (*initiate) (ike_sa_t *this, child_cfg_t *child_cfg,
                                                  u_int32_t reqid, traffic_selector_t *tsi,
@@ -658,10 +658,10 @@ struct ike_sa_t {
         * the IKE SA gets deleted.
         *
         * @return
-        *                                              - SUCCESS if deletion is initialized
-        *                                              - DESTROY_ME, if the IKE_SA is not in
-        *                                                an established state and can not be
-        *                                                deleted (but destroyed).
+        *                                              - SUCCESS if deletion is initialized
+        *                                              - DESTROY_ME, if the IKE_SA is not in
+        *                                                an established state and can not be
+        *                                                deleted (but destroyed).
         */
        status_t (*delete) (ike_sa_t *this);
 
@@ -686,11 +686,11 @@ struct ike_sa_t {
         * process_message() return DESTROY_ME. Then the caller must
         * destroy the IKE_SA immediatly, as it is unusable.
         *
-        * @param message               message to process
+        * @param message               message to process
         * @return
-        *                                              - SUCCESS
-        *                                              - FAILED
-        *                                              - DESTROY_ME if this IKE_SA MUST be deleted
+        *                                              - SUCCESS
+        *                                              - FAILED
+        *                                              - DESTROY_ME if this IKE_SA MUST be deleted
         */
        status_t (*process_message) (ike_sa_t *this, message_t *message);
 
@@ -700,12 +700,12 @@ struct ike_sa_t {
         * This method generates all payloads in the message and encrypts/signs
         * the packet.
         *
-        * @param message               message to generate
+        * @param message               message to generate
         * @param packet                generated output packet
         * @return
-        *                                              - SUCCESS
-        *                                              - FAILED
-        *                                              - DESTROY_ME if this IKE_SA MUST be deleted
+        *                                              - SUCCESS
+        *                                              - FAILED
+        *                                              - DESTROY_ME if this IKE_SA MUST be deleted
         */
        status_t (*generate_message) (ike_sa_t *this, message_t *message,
                                                                  packet_t **packet);
@@ -715,8 +715,8 @@ struct ike_sa_t {
         *
         * @param message_id    ID of the request to retransmit
         * @return
-        *                                              - SUCCESS
-        *                                              - NOT_FOUND if request doesn't have to be retransmited
+        *                                              - SUCCESS
+        *                                              - NOT_FOUND if request doesn't have to be retransmited
         */
        status_t (*retransmit) (ike_sa_t *this, u_int32_t message_id);
 
@@ -728,8 +728,8 @@ struct ike_sa_t {
         * other traffic was received.
         *
         * @return
-        *                                              - SUCCESS
-        *                                              - DESTROY_ME, if peer did not respond
+        *                                              - SUCCESS
+        *                                              - DESTROY_ME, if peer did not respond
         */
        status_t (*send_dpd) (ike_sa_t *this);
 
@@ -769,11 +769,25 @@ struct ike_sa_t {
                                                                 u_int32_t spi, bool inbound);
 
        /**
-        * Create an iterator over all CHILD_SAs.
+        * Get the number of CHILD_SAs.
         *
-        * @return                              iterator
+        * @return                              number of CHILD_SAs
         */
-       iterator_t* (*create_child_sa_iterator) (ike_sa_t *this);
+       int (*get_child_count) (ike_sa_t *this);
+
+       /**
+        * Create an enumerator over all CHILD_SAs.
+        *
+        * @return                              enumerator
+        */
+       enumerator_t* (*create_child_sa_enumerator) (ike_sa_t *this);
+
+       /**
+        * Remove the CHILD_SA the given enumerator points to from this IKE_SA.
+        *
+        * @param enumerator    enumerator pointing to CHILD_SA
+        */
+       void (*remove_child_sa) (ike_sa_t *this, enumerator_t *enumerator);
 
        /**
         * Rekey the CHILD SA with the specified reqid.
@@ -783,8 +797,8 @@ struct ike_sa_t {
         * @param protocol              protocol of the SA
         * @param spi                   inbound SPI of the CHILD_SA
         * @return
-        *                                              - NOT_FOUND, if IKE_SA has no such CHILD_SA
-        *                                              - SUCCESS, if rekeying initiated
+        *                                              - NOT_FOUND, if IKE_SA has no such CHILD_SA
+        *                                              - SUCCESS, if rekeying initiated
         */
        status_t (*rekey_child_sa) (ike_sa_t *this, protocol_id_t protocol, u_int32_t spi);
 
@@ -798,8 +812,8 @@ struct ike_sa_t {
         * @param protocol              protocol of the SA
         * @param spi                   inbound SPI of the CHILD_SA
         * @return
-        *                                              - NOT_FOUND, if IKE_SA has no such CHILD_SA
-        *                                              - SUCCESS, if delete message sent
+        *                                              - NOT_FOUND, if IKE_SA has no such CHILD_SA
+        *                                              - SUCCESS, if delete message sent
         */
        status_t (*delete_child_sa) (ike_sa_t *this, protocol_id_t protocol, u_int32_t spi);
 
@@ -811,8 +825,8 @@ struct ike_sa_t {
         * @param protocol              protocol of the SA
         * @param spi                   inbound SPI of the CHILD_SA
         * @return
-        *                                              - NOT_FOUND, if IKE_SA has no such CHILD_SA
-        *                                              - SUCCESS
+        *                                              - NOT_FOUND, if IKE_SA has no such CHILD_SA
+        *                                              - SUCCESS
         */
        status_t (*destroy_child_sa) (ike_sa_t *this, protocol_id_t protocol, u_int32_t spi);
 
@@ -929,8 +943,8 @@ struct ike_sa_t {
 /**
  * Creates an ike_sa_t object with a specific ID.
  *
- * @param ike_sa_id    ike_sa_id_t object to associate with new IKE_SA
- * @return                             ike_sa_t object
+ * @param ike_sa_id            ike_sa_id_t object to associate with new IKE_SA
+ * @return                             ike_sa_t object
  */
 ike_sa_t *ike_sa_create(ike_sa_id_t *ike_sa_id);
 
index 7f3ca7d..731ae60 100644 (file)
@@ -1134,8 +1134,7 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
 METHOD(ike_sa_manager_t, checkout_by_id, ike_sa_t*,
        private_ike_sa_manager_t *this, u_int32_t id, bool child)
 {
-       enumerator_t *enumerator;
-       iterator_t *children;
+       enumerator_t *enumerator, *children;
        entry_t *entry;
        ike_sa_t *ike_sa = NULL;
        child_sa_t *child_sa;
@@ -1151,8 +1150,8 @@ METHOD(ike_sa_manager_t, checkout_by_id, ike_sa_t*,
                        /* look for a child with such a reqid ... */
                        if (child)
                        {
-                               children = entry->ike_sa->create_child_sa_iterator(entry->ike_sa);
-                               while (children->iterate(children, (void**)&child_sa))
+                               children = entry->ike_sa->create_child_sa_enumerator(entry->ike_sa);
+                               while (children->enumerate(children, (void**)&child_sa))
                                {
                                        if (child_sa->get_reqid(child_sa) == id)
                                        {
@@ -1188,8 +1187,7 @@ METHOD(ike_sa_manager_t, checkout_by_id, ike_sa_t*,
 METHOD(ike_sa_manager_t, checkout_by_name, ike_sa_t*,
        private_ike_sa_manager_t *this, char *name, bool child)
 {
-       enumerator_t *enumerator;
-       iterator_t *children;
+       enumerator_t *enumerator, *children;
        entry_t *entry;
        ike_sa_t *ike_sa = NULL;
        child_sa_t *child_sa;
@@ -1203,8 +1201,8 @@ METHOD(ike_sa_manager_t, checkout_by_name, ike_sa_t*,
                        /* look for a child with such a policy name ... */
                        if (child)
                        {
-                               children = entry->ike_sa->create_child_sa_iterator(entry->ike_sa);
-                               while (children->iterate(children, (void**)&child_sa))
+                               children = entry->ike_sa->create_child_sa_enumerator(entry->ike_sa);
+                               while (children->enumerate(children, (void**)&child_sa))
                                {
                                        if (streq(child_sa->get_name(child_sa), name))
                                        {
index 5b12eaa..eec68c6 100644 (file)
@@ -256,11 +256,11 @@ static void build_cookie(private_ike_mobike_t *this, message_t *message)
  */
 static void update_children(private_ike_mobike_t *this)
 {
-       iterator_t *iterator;
+       enumerator_t *enumerator;
        child_sa_t *child_sa;
 
-       iterator = this->ike_sa->create_child_sa_iterator(this->ike_sa);
-       while (iterator->iterate(iterator, (void**)&child_sa))
+       enumerator = this->ike_sa->create_child_sa_enumerator(this->ike_sa);
+       while (enumerator->enumerate(enumerator, (void**)&child_sa))
        {
                if (child_sa->update(child_sa,
                                this->ike_sa->get_my_host(this->ike_sa),
@@ -273,7 +273,7 @@ static void update_children(private_ike_mobike_t *this)
                                        child_sa->get_spi(child_sa, TRUE));
                }
        }
-       iterator->destroy(iterator);
+       enumerator->destroy(enumerator);
 }
 
 /**
index ac89c35..b3423f9 100644 (file)
@@ -57,7 +57,7 @@ static status_t process_i(private_ike_reauth_t *this, message_t *message)
 {
        ike_sa_t *new;
        host_t *host;
-       iterator_t *iterator;
+       enumerator_t *enumerator;
        child_sa_t *child_sa;
        peer_cfg_t *peer_cfg;
 
@@ -67,8 +67,7 @@ static status_t process_i(private_ike_reauth_t *this, message_t *message)
        peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa);
 
        /* reauthenticate only if we have children */
-       iterator = this->ike_sa->create_child_sa_iterator(this->ike_sa);
-       if (iterator->get_count(iterator) == 0
+       if (this->ike_sa->get_child_count(this->ike_sa) == 0
 #ifdef ME
                /* we allow peers to reauth mediation connections (without children) */
                && !peer_cfg->is_mediation(peer_cfg)
@@ -76,7 +75,6 @@ static status_t process_i(private_ike_reauth_t *this, message_t *message)
                )
        {
                DBG1(DBG_IKE, "unable to reauthenticate IKE_SA, no CHILD_SA to recreate");
-               iterator->destroy(iterator);
                return FAILED;
        }
 
@@ -110,14 +108,15 @@ static status_t process_i(private_ike_reauth_t *this, message_t *message)
        }
 #endif /* ME */
 
-       while (iterator->iterate(iterator, (void**)&child_sa))
+       enumerator = this->ike_sa->create_child_sa_enumerator(this->ike_sa);
+       while (enumerator->enumerate(enumerator, (void**)&child_sa))
        {
                switch (child_sa->get_state(child_sa))
                {
                        case CHILD_ROUTED:
                        {
                                /* move routed child directly */
-                               iterator->remove(iterator);
+                               this->ike_sa->remove_child_sa(this->ike_sa, enumerator);
                                new->add_child_sa(new, child_sa);
                                break;
                        }
@@ -128,7 +127,7 @@ static status_t process_i(private_ike_reauth_t *this, message_t *message)
                                child_cfg->get_ref(child_cfg);
                                if (new->initiate(new, child_cfg, 0, NULL, NULL) == DESTROY_ME)
                                {
-                                       iterator->destroy(iterator);
+                                       enumerator->destroy(enumerator);
                                        charon->ike_sa_manager->checkin_and_destroy(
                                                                                charon->ike_sa_manager, new);
                                        /* set threads active IKE_SA after checkin */
@@ -140,7 +139,7 @@ static status_t process_i(private_ike_reauth_t *this, message_t *message)
                        }
                }
        }
-       iterator->destroy(iterator);
+       enumerator->destroy(enumerator);
        charon->ike_sa_manager->checkin(charon->ike_sa_manager, new);
        /* set threads active IKE_SA after checkin */
        charon->bus->set_sa(charon->bus, this->ike_sa);
index c055dab..826d6e1 100644 (file)
@@ -147,8 +147,8 @@ METHOD(task_t, build_i, status_t,
 METHOD(task_t, process_r, status_t,
        private_ike_rekey_t *this, message_t *message)
 {
+       enumerator_t *enumerator;
        peer_cfg_t *peer_cfg;
-       iterator_t *iterator;
        child_sa_t *child_sa;
 
        if (this->ike_sa->get_state(this->ike_sa) == IKE_DELETING)
@@ -157,8 +157,8 @@ METHOD(task_t, process_r, status_t,
                return NEED_MORE;
        }
 
-       iterator = this->ike_sa->create_child_sa_iterator(this->ike_sa);
-       while (iterator->iterate(iterator, (void**)&child_sa))
+       enumerator = this->ike_sa->create_child_sa_enumerator(this->ike_sa);
+       while (enumerator->enumerate(enumerator, (void**)&child_sa))
        {
                switch (child_sa->get_state(child_sa))
                {
@@ -167,13 +167,13 @@ METHOD(task_t, process_r, status_t,
                        case CHILD_DELETING:
                                /* we do not allow rekeying while we have children in-progress */
                                DBG1(DBG_IKE, "peer initiated rekeying, but a child is half-open");
-                               iterator->destroy(iterator);
+                               enumerator->destroy(enumerator);
                                return NEED_MORE;
                        default:
                                break;
                }
        }
-       iterator->destroy(iterator);
+       enumerator->destroy(enumerator);
 
        this->new_sa = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager,
                                                                                                                FALSE);