Add ike_reestablish() event that is triggered when an IKE_SA is reestablished
authorTobias Brunner <tobias@strongswan.org>
Wed, 5 Sep 2012 09:34:50 +0000 (11:34 +0200)
committerTobias Brunner <tobias@strongswan.org>
Thu, 6 Sep 2012 09:25:14 +0000 (11:25 +0200)
This is particularly useful during reauthentication to get the new
IKE_SA.

src/libcharon/bus/bus.c
src/libcharon/bus/bus.h
src/libcharon/bus/listeners/listener.h
src/libcharon/sa/ike_sa.c

index e46559f..1f9592e 100644 (file)
@@ -659,6 +659,33 @@ METHOD(bus_t, ike_rekey, void,
        this->mutex->unlock(this->mutex);
 }
 
+METHOD(bus_t, ike_reestablish, void,
+       private_bus_t *this, ike_sa_t *old, ike_sa_t *new)
+{
+       enumerator_t *enumerator;
+       entry_t *entry;
+       bool keep;
+
+       this->mutex->lock(this->mutex);
+       enumerator = this->listeners->create_enumerator(this->listeners);
+       while (enumerator->enumerate(enumerator, &entry))
+       {
+               if (entry->calling || !entry->listener->ike_reestablish)
+               {
+                       continue;
+               }
+               entry->calling++;
+               keep = entry->listener->ike_reestablish(entry->listener, old, new);
+               entry->calling--;
+               if (!keep)
+               {
+                       unregister_listener(this, entry, enumerator);
+               }
+       }
+       enumerator->destroy(enumerator);
+       this->mutex->unlock(this->mutex);
+}
+
 METHOD(bus_t, authorize, bool,
        private_bus_t *this, bool final)
 {
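Review bot: The new `ike_reestablish` dispatcher has no comment explaining that entries with `entry->calling` set are skipped, so a listener that is already inside another bus callback silently misses this event. The hooks also run between `this->mutex->lock(this->mutex)` and the matching unlock, so a hook that blocks holds up other users of that mutex. I would add above the `if`: `/* skip listeners already inside a callback (no re-entrancy); they miss this event */`, and a one-line header comment on the method stating that hooks are invoked with the bus mutex held. The loop appears to mirror the preceding `ike_rekey` method, whose body lies outside this hunk, so the same comment may be wanted there.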
@@ -770,6 +797,7 @@ bus_t *bus_create()
                        .child_keys = _child_keys,
                        .ike_updown = _ike_updown,
                        .ike_rekey = _ike_rekey,
+                       .ike_reestablish = _ike_reestablish,
                        .child_updown = _child_updown,
                        .child_rekey = _child_rekey,
                        .authorize = _authorize,
index f9c4394..9f820e6 100644 (file)
@@ -318,6 +318,14 @@ struct bus_t {
        void (*ike_rekey)(bus_t *this, ike_sa_t *old, ike_sa_t *new);
 
        /**
+        * IKE_SA reestablishing hook.
+        *
+        * @param old           reestablished and obsolete IKE_SA
+        * @param new           new IKE_SA replacing old
+        */
+       void (*ike_reestablish)(bus_t *this, ike_sa_t *old, ike_sa_t *new);
+
+       /**
         * CHILD_SA up/down hook.
         *
         * @param child_sa      CHILD_SA coming up/going down
index 703e852..7822893 100644 (file)
@@ -127,6 +127,18 @@ struct listener_t {
        bool (*ike_rekey)(listener_t *this, ike_sa_t *old, ike_sa_t *new);
 
        /**
+        * Hook called when an initiator reestablishes an IKE_SA.
+        *
+        * This is invoked right before the new IKE_SA is checked in after
+        * initiating it.  It is not invoked on the responder.
+        *
+        * @param old           IKE_SA getting reestablished (is destroyed)
+        * @param new           new IKE_SA replacing old (gets established)
+        * @return                      TRUE to stay registered, FALSE to unregister
+        */
+       bool (*ike_reestablish)(listener_t *this, ike_sa_t *old, ike_sa_t *new);
+
+       /**
         * Hook called when a CHILD_SA gets up or down.
         *
         * @param ike_sa        IKE_SA containing the handled CHILD_SA
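Review bot: The documentation for the `ike_reestablish` hook does not say how long `old` and `new` stay valid for the listener. `old` is described as "is destroyed" and `new` is passed in before it is checked in, so a listener that stores either pointer and uses it after returning would presumably touch an IKE_SA it no longer holds. It would also help to state that `new` has only been initiated at this point and is not yet authenticated, so peer-identity-bound state should not be moved onto it inside the hook. If that matches the intended contract, add to the comment: `* Neither IKE_SA may be referenced after the hook returns; new is not yet authenticated.`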
index e795d01..e141380 100644 (file)
@@ -1659,6 +1659,7 @@ METHOD(ike_sa_t, reestablish, status_t,
        }
        else
        {
+               charon->bus->ike_reestablish(charon->bus, &this->public, new);
                charon->ike_sa_manager->checkin(charon->ike_sa_manager, new);
                status = SUCCESS;
        }