child-sa: Add method to associate rekeyed CHILD_SAs with their replacement
authorTobias Brunner <tobias@strongswan.org>
Tue, 28 Feb 2017 14:03:45 +0000 (15:03 +0100)
committerTobias Brunner <tobias@strongswan.org>
Tue, 23 May 2017 16:46:06 +0000 (18:46 +0200)
src/libcharon/sa/child_sa.c
src/libcharon/sa/child_sa.h

index 93a2120..29d4680 100644 (file)
@@ -113,6 +113,11 @@ struct private_child_sa_t {
        bool tfcv3;
 
        /**
+        * The outbound SPI of the CHILD_SA that replaced this one during a rekeying
+        */
+       uint32_t rekey_spi;
+
+       /**
         * Protocol used to protect this SA, ESP|AH
         */
        protocol_id_t protocol;
@@ -1303,6 +1308,18 @@ METHOD(child_sa_t, install_outbound, status_t,
        return status;
 }
 
+METHOD(child_sa_t, set_rekey_spi, void,
+       private_child_sa_t *this, uint32_t spi)
+{
+       this->rekey_spi = spi;
+}
+
+METHOD(child_sa_t, get_rekey_spi, uint32_t,
+       private_child_sa_t *this)
+{
+       return this->rekey_spi;
+}
+
 /**
  * Callback to reinstall a virtual IP
  */
@@ -1642,6 +1659,8 @@ child_sa_t * child_sa_create(host_t *me, host_t* other,
                        .install = _install,
                        .register_outbound = _register_outbound,
                        .install_outbound = _install_outbound,
+                       .set_rekey_spi = _set_rekey_spi,
+                       .get_rekey_spi = _get_rekey_spi,
                        .update = _update,
                        .set_policies = _set_policies,
                        .install_policies = _install_policies,
index 98fa247..4483346 100644 (file)
@@ -419,6 +419,22 @@ struct child_sa_t {
        status_t (*install_policies)(child_sa_t *this);
 
        /**
+        * Set the outbound SPI of the CHILD_SA that replaced this CHILD_SA during
+        * a rekeying.
+        *
+        * @param spi           outbound SPI of the CHILD_SA that replaced this CHILD_SA
+        */
+       void (*set_rekey_spi)(child_sa_t *this, uint32_t spi);
+
+       /**
+        * Get the outbound SPI of the CHILD_SA that replaced this CHILD_SA during
+        * a rekeying.
+        *
+        * @return                      outbound SPI of the CHILD_SA that replaced this CHILD_SA
+        */
+       uint32_t (*get_rekey_spi)(child_sa_t *this);
+
+       /**
         * Update hosts and ecapulation mode in the kernel SAs and policies.
         *
         * @param me            the new local host