Handling of new lifetime limits added to stroke.
authorTobias Brunner <tobias@strongswan.org>
Thu, 27 Aug 2009 16:10:39 +0000 (18:10 +0200)
committerTobias Brunner <tobias@strongswan.org>
Tue, 1 Sep 2009 10:53:44 +0000 (12:53 +0200)
src/charon/config/child_cfg.h
src/charon/plugins/stroke/stroke_config.c
src/starter/starterstroke.c
src/stroke/stroke_msg.h

index 7bae8d9..ce6a236 100644 (file)
@@ -93,6 +93,16 @@ struct lifetime_cfg_t {
 };
 
 /**
+ * Helper macro to easily set all three values of a specified limit (time,
+ * bytes, packets).
+ */
+#define LIFETIME_CFG_SET(l, limit, life, rekey, jitter) do { \
+       (l)->life_##limit = (life); \
+       (l)->rekey_##limit = (rekey); \
+       (l)->jitter_##limit = (jitter); \
+} while(0)
+
+/**
  * Create a new lifetime_cfg_t object.
  */
 static inline lifetime_cfg_t* lifetime_cfg_create() {
@@ -108,9 +118,7 @@ static inline lifetime_cfg_t* lifetime_cfg_create_time(u_int64_t life,
                                                                          u_int64_t rekey, u_int64_t jitter)
 {
        lifetime_cfg_t *this = lifetime_cfg_create();
-       this->life_time = life;
-       this->rekey_time = rekey;
-       this->jitter_time = jitter;
+       LIFETIME_CFG_SET(this, time, life, rekey, jitter);
        return this;
 }
 
index 5a4dfe2..c76fd16 100644 (file)
@@ -772,6 +772,14 @@ static child_cfg_t *build_child_cfg(private_stroke_config_t *this,
                                msg->add_conn.rekey.ipsec_lifetime,
                                msg->add_conn.rekey.ipsec_lifetime - msg->add_conn.rekey.margin,
                                msg->add_conn.rekey.margin * msg->add_conn.rekey.fuzz / 100);
+       LIFETIME_CFG_SET(lifetime, bytes,
+               msg->add_conn.rekey.life_bytes,
+               msg->add_conn.rekey.life_bytes - msg->add_conn.rekey.margin_bytes,
+               msg->add_conn.rekey.margin_bytes * msg->add_conn.rekey.fuzz / 100);
+       LIFETIME_CFG_SET(lifetime, packets,
+               msg->add_conn.rekey.life_packets,
+               msg->add_conn.rekey.life_packets - msg->add_conn.rekey.margin_packets,
+               msg->add_conn.rekey.margin_packets * msg->add_conn.rekey.fuzz / 100);
        
        child_cfg = child_cfg_create(
                                msg->add_conn.name, lifetime,
index 578c52e..96caff8 100644 (file)
@@ -279,6 +279,10 @@ int starter_stroke_add_conn(starter_config_t *cfg, starter_conn_t *conn)
                msg.add_conn.rekey.ipsec_lifetime = conn->sa_ipsec_life_seconds;
                msg.add_conn.rekey.ike_lifetime = conn->sa_ike_life_seconds;
                msg.add_conn.rekey.margin = conn->sa_rekey_margin;
+               msg.add_conn.rekey.life_bytes = conn->sa_ipsec_life_bytes;
+               msg.add_conn.rekey.margin_bytes = conn->sa_ipsec_margin_bytes;
+               msg.add_conn.rekey.life_packets = conn->sa_ipsec_life_packets;
+               msg.add_conn.rekey.margin_packets = conn->sa_ipsec_margin_packets;
                msg.add_conn.rekey.tries = conn->sa_keying_tries;
                msg.add_conn.rekey.fuzz = conn->sa_rekey_fuzz;
        }
index abf285a..9c3041c 100644 (file)
@@ -237,6 +237,10 @@ struct stroke_msg_t {
                                time_t ipsec_lifetime;
                                time_t ike_lifetime;
                                time_t margin;
+                               u_int64_t life_bytes;
+                               u_int64_t margin_bytes;
+                               u_int64_t life_packets;
+                               u_int64_t margin_packets;
                                unsigned long tries;
                                unsigned long fuzz;
                        } rekey;