Support inactivity timeout in IKEv1 CHILD_SAs
authorMartin Willi <martin@revosec.ch>
Mon, 23 Jan 2012 12:49:56 +0000 (13:49 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 20 Mar 2012 16:31:39 +0000 (17:31 +0100)
src/libcharon/sa/ikev1/tasks/quick_mode.c

index 6956dcb..d8bc288 100755 (executable)
@@ -26,6 +26,7 @@
 #include <encoding/payloads/payload.h>
 #include <sa/ikev1/tasks/informational.h>
 #include <sa/ikev1/tasks/quick_delete.h>
+#include <processing/jobs/inactivity_job.h>
 
 typedef struct private_quick_mode_t private_quick_mode_t;
 
@@ -137,6 +138,25 @@ struct private_quick_mode_t {
 };
 
 /**
+ * Schedule inactivity timeout for CHILD_SA with reqid, if enabled
+ */
+static void schedule_inactivity_timeout(private_quick_mode_t *this)
+{
+       u_int32_t timeout;
+       bool close_ike;
+
+       timeout = this->config->get_inactivity(this->config);
+       if (timeout)
+       {
+               close_ike = lib->settings->get_bool(lib->settings,
+                                                                               "charon.inactivity_close_ike", FALSE);
+               lib->scheduler->schedule_job(lib->scheduler, (job_t*)
+                               inactivity_job_create(this->child_sa->get_reqid(this->child_sa),
+                                                                         timeout, close_ike), timeout);
+       }
+}
+
+/**
  * Install negotiated CHILD_SA
  */
 static bool install(private_quick_mode_t *this)
@@ -257,8 +277,11 @@ static bool install(private_quick_mode_t *this)
        {
                charon->bus->child_updown(charon->bus, this->child_sa, TRUE);
        }
+       if (!this->rekey)
+       {
+               schedule_inactivity_timeout(this);
+       }
        this->child_sa = NULL;
-
        return TRUE;
 }