projects / strongswan.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f6d0965)
attr-sql: Make release of online leases during startup optional
authorTobias Brunner <tobias@strongswan.org>
Tue, 21 Mar 2017 07:53:02 +0000 (08:53 +0100)
committerTobias Brunner <tobias@strongswan.org>
Fri, 19 May 2017 13:22:51 +0000 (15:22 +0200)
This cleanup prevents sharing the same DB between multiple VPN gateways.

conf/plugins/attr-sql.opt patch | blob | history
src/libcharon/plugins/attr_sql/attr_sql_provider.c patch | blob | history

diff --git a/conf/plugins/attr-sql.opt b/conf/plugins/attr-sql.opt
index abd749e..58f05bb 100644 (file)
--- a/conf/plugins/attr-sql.opt
+++ b/conf/plugins/attr-sql.opt
@@ -1,3 +1,7 @@
+charon.plugins.attr-sql.crash_recovery = yes
+       Release all online leases during startup.  Disable this to share the DB
+       between multiple VPN gateways.
+
 charon.plugins.attr-sql.database
        Database URI for attr-sql plugin used by charon. If it contains a password,
        make sure to adjust the permissions of the config file accordingly.
diff --git a/src/libcharon/plugins/attr_sql/attr_sql_provider.c b/src/libcharon/plugins/attr_sql/attr_sql_provider.c
index c241070..33d9f99 100644 (file)
--- a/src/libcharon/plugins/attr_sql/attr_sql_provider.c
+++ b/src/libcharon/plugins/attr_sql/attr_sql_provider.c
@@ -200,7 +200,6 @@ static host_t* get_lease(private_attr_sql_provider_t *this, char *name,
                                "SELECT id, address FROM addresses "
                                "WHERE pool = ? AND identity = 0 LIMIT 1",
                                DB_UINT, pool, DB_UINT, DB_BLOB);
-
                }
 
                if (!e || !e->enumerate(e, &id, &address))
@@ -447,7 +446,6 @@ METHOD(attr_sql_provider_t, destroy, void,
 attr_sql_provider_t *attr_sql_provider_create(database_t *db)
 {
        private_attr_sql_provider_t *this;
-       time_t now = time(NULL);
 
        INIT(this,
                .public = {
@@ -460,19 +458,25 @@ attr_sql_provider_t *attr_sql_provider_create(database_t *db)
                },
                .db = db,
                .history = lib->settings->get_bool(lib->settings,
-                                                       "%s.plugins.attr-sql.lease_history", TRUE, lib->ns),
+                                               "%s.plugins.attr-sql.lease_history", TRUE, lib->ns),
        );
 
-       /* close any "online" leases in the case we crashed */
-       if (this->history)
+       if (lib->settings->get_bool(lib->settings,
+                                               "%s.plugins.attr-sql.crash_recovery", TRUE, lib->ns))
        {
-               this->db->execute(this->db, NULL,
+               time_t now = time(NULL);
+
+               /* close any "online" leases in the case we crashed */
+               if (this->history)
+               {
+                       this->db->execute(this->db, NULL,
                                        "INSERT INTO leases (address, identity, acquired, released)"
                                        " SELECT id, identity, acquired, ? FROM addresses "
                                        " WHERE released = 0", DB_UINT, now);
-       }
-       this->db->execute(this->db, NULL,
+               }
+               this->db->execute(this->db, NULL,
                                          "UPDATE addresses SET released = ? WHERE released = 0",
                                          DB_UINT, now);
+       }
        return &this->public;
 }
strongSwan - IPsec VPN