Added a get_rekey/reauth_time() jitter parameter to get time without randomization
authorMartin Willi <martin@revosec.ch>
Thu, 24 Nov 2011 10:38:37 +0000 (11:38 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 20 Mar 2012 16:30:52 +0000 (17:30 +0100)
src/libcharon/config/peer_cfg.c
src/libcharon/config/peer_cfg.h
src/libcharon/sa/ike_sa.c

index 73b5f5f..fbdfa25 100644 (file)
@@ -341,13 +341,13 @@ METHOD(peer_cfg_t, get_keyingtries, u_int32_t,
 }
 
 METHOD(peer_cfg_t, get_rekey_time, u_int32_t,
 }
 
 METHOD(peer_cfg_t, get_rekey_time, u_int32_t,
-       private_peer_cfg_t *this)
+       private_peer_cfg_t *this, bool jitter)
 {
        if (this->rekey_time == 0)
        {
                return 0;
        }
 {
        if (this->rekey_time == 0)
        {
                return 0;
        }
-       if (this->jitter_time == 0)
+       if (this->jitter_time == 0 || !jitter)
        {
                return this->rekey_time;
        }
        {
                return this->rekey_time;
        }
@@ -355,13 +355,13 @@ METHOD(peer_cfg_t, get_rekey_time, u_int32_t,
 }
 
 METHOD(peer_cfg_t, get_reauth_time, u_int32_t,
 }
 
 METHOD(peer_cfg_t, get_reauth_time, u_int32_t,
-       private_peer_cfg_t *this)
+       private_peer_cfg_t *this, bool jitter)
 {
        if (this->reauth_time == 0)
        {
                return 0;
        }
 {
        if (this->reauth_time == 0)
        {
                return 0;
        }
-       if (this->jitter_time == 0)
+       if (this->jitter_time == 0 || !jitter)
        {
                return this->reauth_time;
        }
        {
                return this->reauth_time;
        }
index 6096f64..33309d1 100644 (file)
@@ -227,18 +227,20 @@ struct peer_cfg_t {
        u_int32_t (*get_keyingtries) (peer_cfg_t *this);
 
        /**
        u_int32_t (*get_keyingtries) (peer_cfg_t *this);
 
        /**
-        * Get a time to start rekeying (is randomized with jitter).
+        * Get a time to start rekeying.
         *
         *
+        * @param jitter        remove a jitter value to randomize time
         * @return                      time in s when to start rekeying, 0 disables rekeying
         */
         * @return                      time in s when to start rekeying, 0 disables rekeying
         */
-       u_int32_t (*get_rekey_time)(peer_cfg_t *this);
+       u_int32_t (*get_rekey_time)(peer_cfg_t *this, bool jitter);
 
        /**
 
        /**
-        * Get a time to start reauthentication (is randomized with jitter).
+        * Get a time to start reauthentication.
         *
         *
+        * @param jitter        remove a jitter value to randomize time
         * @return                      time in s when to start reauthentication, 0 disables it
         */
         * @return                      time in s when to start reauthentication, 0 disables it
         */
-       u_int32_t (*get_reauth_time)(peer_cfg_t *this);
+       u_int32_t (*get_reauth_time)(peer_cfg_t *this, bool jitter);
 
        /**
         * Get the timeout of a rekeying/reauthenticating SA.
 
        /**
         * Get the timeout of a rekeying/reauthenticating SA.
index 088fd0a..b789424 100644 (file)
@@ -642,7 +642,7 @@ METHOD(ike_sa_t, set_state, void,
 
                                /* schedule rekeying if we have a time which is smaller than
                                 * an already scheduled rekeying */
 
                                /* schedule rekeying if we have a time which is smaller than
                                 * an already scheduled rekeying */
-                               t = this->peer_cfg->get_rekey_time(this->peer_cfg);
+                               t = this->peer_cfg->get_rekey_time(this->peer_cfg, TRUE);
                                if (t && (this->stats[STAT_REKEY] == 0 ||
                                        (this->stats[STAT_REKEY] > t + this->stats[STAT_ESTABLISHED])))
                                {
                                if (t && (this->stats[STAT_REKEY] == 0 ||
                                        (this->stats[STAT_REKEY] > t + this->stats[STAT_ESTABLISHED])))
                                {
@@ -651,7 +651,7 @@ METHOD(ike_sa_t, set_state, void,
                                        lib->scheduler->schedule_job(lib->scheduler, job, t);
                                        DBG1(DBG_IKE, "scheduling rekeying in %ds", t);
                                }
                                        lib->scheduler->schedule_job(lib->scheduler, job, t);
                                        DBG1(DBG_IKE, "scheduling rekeying in %ds", t);
                                }
-                               t = this->peer_cfg->get_reauth_time(this->peer_cfg);
+                               t = this->peer_cfg->get_reauth_time(this->peer_cfg, TRUE);
                                if (t && (this->stats[STAT_REAUTH] == 0 ||
                                        (this->stats[STAT_REAUTH] > t + this->stats[STAT_ESTABLISHED])))
                                {
                                if (t && (this->stats[STAT_REAUTH] == 0 ||
                                        (this->stats[STAT_REAUTH] > t + this->stats[STAT_ESTABLISHED])))
                                {