implemented ike_rekey()/child_rekey() bus hooks
authorMartin Willi <martin@strongswan.org>
Wed, 8 Jul 2009 12:33:24 +0000 (14:33 +0200)
committerMartin Willi <martin@strongswan.org>
Thu, 9 Jul 2009 13:25:15 +0000 (15:25 +0200)
src/charon/bus/bus.c
src/charon/bus/bus.h
src/charon/sa/tasks/child_rekey.c
src/charon/sa/tasks/ike_rekey.c

index db0ba9a..3a31122 100644 (file)
@@ -514,6 +514,67 @@ static void child_keys(private_bus_t *this, child_sa_t *child_sa,
 }
 
 /**
+ * Implementation of bus_t.ike_rekey
+ */
+static void ike_rekey(private_bus_t *this, ike_sa_t *old, ike_sa_t *new)
+{
+       enumerator_t *enumerator;
+       entry_t *entry;
+       bool keep;
+       
+       this->mutex->lock(this->mutex);
+       enumerator = this->listeners->create_enumerator(this->listeners);
+       while (enumerator->enumerate(enumerator, &entry))
+       {
+               if (entry->calling || !entry->listener->ike_rekey)
+               {
+                       continue;
+               }
+               entry->calling++;
+               keep = entry->listener->ike_rekey(entry->listener, old, new);
+               entry->calling--;
+               if (!keep)
+               {
+                       unregister_listener(this, entry, enumerator);
+               }
+       }
+       enumerator->destroy(enumerator);
+       this->mutex->unlock(this->mutex);
+}
+
+/**
+ * Implementation of bus_t.child_rekey
+ */
+static void child_rekey(private_bus_t *this, child_sa_t *old, child_sa_t *new)
+{
+       enumerator_t *enumerator;
+       ike_sa_t *ike_sa;
+       entry_t *entry;
+       bool keep;
+       
+       ike_sa = pthread_getspecific(this->thread_sa);
+       
+       this->mutex->lock(this->mutex);
+       enumerator = this->listeners->create_enumerator(this->listeners);
+       while (enumerator->enumerate(enumerator, &entry))
+       {
+               if (entry->calling || !entry->listener->child_rekey)
+               {
+                       continue;
+               }
+               entry->calling++;
+               keep = entry->listener->child_rekey(entry->listener, ike_sa, old, new);
+               entry->calling--;
+               if (!keep)
+               {
+                       unregister_listener(this, entry, enumerator);
+               }
+       }
+       enumerator->destroy(enumerator);
+       this->mutex->unlock(this->mutex);
+}
+
+/**
  * Implementation of bus_t.authorize
  */
 static bool authorize(private_bus_t *this, linked_list_t *auth, bool final)
@@ -579,6 +640,8 @@ bus_t *bus_create()
        this->public.message = (void(*)(bus_t*, message_t *message, bool incoming))message;
        this->public.ike_keys = (void(*)(bus_t*, ike_sa_t *ike_sa, diffie_hellman_t *dh, chunk_t nonce_i, chunk_t nonce_r, ike_sa_t *rekey))ike_keys;
        this->public.child_keys = (void(*)(bus_t*, child_sa_t *child_sa, diffie_hellman_t *dh, chunk_t nonce_i, chunk_t nonce_r))child_keys;
+       this->public.ike_rekey = (void(*)(bus_t*, ike_sa_t *old, ike_sa_t *new))ike_rekey;
+       this->public.child_rekey = (void(*)(bus_t*, child_sa_t *old, child_sa_t *new))child_rekey;
        this->public.authorize = (bool(*)(bus_t*, linked_list_t *auth, bool final))authorize;
        this->public.destroy = (void(*)(bus_t*)) destroy;
        
index 4fe6522..f8de63a 100644 (file)
@@ -260,6 +260,23 @@ struct bus_t {
         */
        void (*child_keys)(bus_t *this, child_sa_t *child_sa, diffie_hellman_t *dh,
                                           chunk_t nonce_i, chunk_t nonce_r);
+       
+       /**
+        * IKE_SA rekeying hook.
+        *
+        * @param old           rekeyed and obsolete IKE_SA
+        * @param new           new IKE_SA replacing old
+        */
+       void (*ike_rekey)(bus_t *this, ike_sa_t *old, ike_sa_t *new);
+       
+       /**
+        * CHILD_SA rekeying hook.
+        *
+        * @param old           rekeyed and obsolete CHILD_SA
+        * @param new           new CHILD_SA replacing old
+        */
+       void (*child_rekey)(bus_t *this, child_sa_t *old, child_sa_t *new);
+       
        /**
         * Destroy the event bus.
         */
index 6ab00dc..b5e3789 100644 (file)
@@ -207,6 +207,10 @@ static status_t build_r(private_child_rekey_t *this, message_t *message)
        }
        
        this->child_sa->set_state(this->child_sa, CHILD_REKEYING);
+       
+       /* invoke rekey hook */
+       charon->bus->child_rekey(charon->bus, this->child_sa,
+                                                        this->child_create->get_child(this->child_create));
        return SUCCESS;
 }
 
@@ -303,6 +307,12 @@ static status_t process_i(private_child_rekey_t *this, message_t *message)
                }
        }
        
+       if (to_delete != this->child_create->get_child(this->child_create))
+       {       /* invoke rekey hook if rekeying successful */
+               charon->bus->child_rekey(charon->bus, this->child_sa,
+                                                       this->child_create->get_child(this->child_create));
+       }
+       
        spi = to_delete->get_spi(to_delete, TRUE);
        protocol = to_delete->get_protocol(to_delete);
        
index bead408..3a049b5 100644 (file)
@@ -367,6 +367,8 @@ static void destroy(private_ike_rekey_t *this)
                if (this->new_sa->get_state(this->new_sa) == IKE_ESTABLISHED &&
                        this->new_sa->inherit(this->new_sa, this->ike_sa) != DESTROY_ME)
                {
+                       /* invoke hook if rekeying was successful */
+                       charon->bus->ike_rekey(charon->bus, this->ike_sa, this->new_sa);
                        charon->ike_sa_manager->checkin(charon->ike_sa_manager, this->new_sa);
                }
                else