{
ike_cfg_t *ike_cfg;
child_cfg_t *child_cfg;
+ lifetime_cfg_t *lifetime;
peer_cfg_t *peer_cfg;
traffic_selector_t *ts;
proposal_t *proposal;
generate_auth_cfg(this, this->responder_auth, peer_cfg, TRUE, num);
generate_auth_cfg(this, this->initiator_auth, peer_cfg, FALSE, num);
}
- child_cfg = child_cfg_create("load-test", this->child_rekey * 2,
- this->child_rekey, 0, NULL, TRUE,
+
+ lifetime = lifetime_cfg_create_time(this->child_rekey * 2,
+ this->child_rekey, 0);
+
+ child_cfg = child_cfg_create("load-test", lifetime, NULL, TRUE,
MODE_TUNNEL, ACTION_NONE, ACTION_NONE, FALSE);
proposal = proposal_create_from_string(PROTO_ESP, "aes128-sha1");
child_cfg->add_proposal(child_cfg, proposal);
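Review bot: Nothing in this hunk shows who releases the object returned by `lifetime_cfg_create_time()` after it is passed to `child_cfg_create()`. If child_cfg takes ownership, a one-line comment at the call would make that explicit, for example `/* child_cfg takes ownership of lifetime */`. If it only copies the values, every converted call site needs a matching free. The same question applies to the other converted call sites further down this diff. The enclosing function starts and ends outside the hunk.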
ike_cfg_t *ike_cfg;
child_cfg_t *child_cfg;
chunk_t me, other;
+ lifetime_cfg_t *lifetime;
char *address, *local_net, *remote_net;
/* query mediation server config:
identification_create_from_encoding(ID_KEY_ID, other));
peer_cfg->add_auth_cfg(peer_cfg, auth, FALSE);
- child_cfg = child_cfg_create(name, this->rekey*60 + this->rekey,
- this->rekey*60, this->rekey, NULL, TRUE,
+ lifetime = lifetime_cfg_create_time(this->rekey * 60 + this->rekey,
+ this->rekey, this->rekey);
+
+ child_cfg = child_cfg_create(name, lifetime, NULL, TRUE,
MODE_TUNNEL, ACTION_NONE, ACTION_NONE, FALSE);
child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
child_cfg->add_traffic_selector(child_cfg, TRUE, ts_from_string(local_net));
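Review bot: The second argument to `lifetime_cfg_create_time()` is now `this->rekey`, whereas the removed call passed `this->rekey*60` in that position, so the rekey time shrinks by a factor of 60 while lifetime and jitter stay the same. If this is meant as a pure API conversion, the continuation line should read `this->rekey * 60, this->rekey);`. As written, rekey time equals jitter, so depending on how jitter is applied the randomized rekey time could presumably drop to zero; confirm what that means for rekeying before hard expiry. The next hunk, the enumerator variant of the same construction, carries the identical change. The enclosing function extends beyond the hunk.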
chunk_t me, other;
child_cfg_t *child_cfg;
auth_cfg_t *auth;
+ lifetime_cfg_t *lifetime;
DESTROY_IF(this->current);
if (!this->inner->enumerate(this->inner, &name, &me, &other,
identification_create_from_encoding(ID_KEY_ID, other));
this->current->add_auth_cfg(this->current, auth, FALSE);
- child_cfg = child_cfg_create(
- name, this->rekey*60 + this->rekey,
- this->rekey*60, this->rekey, NULL, TRUE,
- MODE_TUNNEL, ACTION_NONE, ACTION_NONE, FALSE);
+ lifetime = lifetime_cfg_create_time(this->rekey * 60 + this->rekey,
+ this->rekey, this->rekey);
+
+ child_cfg = child_cfg_create(name, lifetime, NULL, TRUE, MODE_TUNNEL,
+ ACTION_NONE, ACTION_NONE, FALSE);
child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
child_cfg->add_traffic_selector(child_cfg, TRUE, ts_from_string(local_net));
child_cfg->add_traffic_selector(child_cfg, FALSE, ts_from_string(remote_net));
ike_cfg_t *ike_cfg;
peer_cfg_t *peer_cfg;
child_cfg_t *child_cfg;
+ lifetime_cfg_t *lifetime;
traffic_selector_t *ts;
ike_sa_t *ike_sa;
auth_cfg_t *auth;
auth->add(auth, AUTH_RULE_IDENTITY, gateway);
peer_cfg->add_auth_cfg(peer_cfg, auth, FALSE);
- child_cfg = child_cfg_create(priv->name,
- 10800, 10200, /* lifetime 3h, rekey 2h50min */
- 300, /* jitter 5min */
+ lifetime = lifetime_cfg_create_time(10800 /* 3h */, 10200 /* 2h50min */,
+ 300 /* 5min */);
+
+ child_cfg = child_cfg_create(priv->name, lifetime,
NULL, TRUE, MODE_TUNNEL, /* updown, hostaccess */
ACTION_NONE, ACTION_NONE, ipcomp);
child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
if (e->enumerate(e, &id, &name, &lifetime, &rekeytime, &jitter,
&updown, &hostaccess, &mode, &dpd, &close, &ipcomp))
{
- child_cfg = child_cfg_create(name, lifetime, rekeytime, jitter,
- updown, hostaccess, mode, dpd, close, ipcomp);
+ lifetime_cfg_t *lft = lifetime_cfg_create_time(lifetime, rekeytime,
+ jitter);
+ child_cfg = child_cfg_create(name, lft, updown, hostaccess, mode,
+ dpd, close, ipcomp);
/* TODO: read proposal from db */
child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
add_traffic_selectors(this, child_cfg, id);
stroke_msg_t *msg)
{
child_cfg_t *child_cfg;
+ lifetime_cfg_t *lifetime;
action_t dpd;
switch (msg->add_conn.dpd.action)
dpd = ACTION_NONE;
break;
}
- child_cfg = child_cfg_create(
- msg->add_conn.name, msg->add_conn.rekey.ipsec_lifetime,
+
+ lifetime = lifetime_cfg_create_time(
+ msg->add_conn.rekey.ipsec_lifetime,
msg->add_conn.rekey.ipsec_lifetime - msg->add_conn.rekey.margin,
- msg->add_conn.rekey.margin * msg->add_conn.rekey.fuzz / 100,
+ msg->add_conn.rekey.margin * msg->add_conn.rekey.fuzz / 100);
+
+ child_cfg = child_cfg_create(
+ msg->add_conn.name, lifetime,
msg->add_conn.me.updown, msg->add_conn.me.hostaccess,
msg->add_conn.mode, dpd, dpd, msg->add_conn.ipcomp);
child_cfg->set_mipv6_options(child_cfg, msg->add_conn.proxy_mode,
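Review bot: The rekey time `msg->add_conn.rekey.ipsec_lifetime - msg->add_conn.rekey.margin` is computed with no check that the margin is smaller than the lifetime. If these fields are unsigned, a configuration with a larger margin wraps to a very large rekey time, and the SA would then run to hard expiry without being rekeyed. The subtraction predates this commit, but now that the values are gathered into one lifetime object this is a natural place to validate, for example by rejecting the connection with a log message when `msg->add_conn.rekey.margin >= msg->add_conn.rekey.ipsec_lifetime`. The product `margin * fuzz` in the jitter argument deserves the same look for overflow if the fields are 32-bit. The function starts before the hunk, and the `set_mipv6_options` call on the last line continues outside it.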
char *local_id, *local_addr, *local_net;
char *remote_id, *remote_addr, *remote_net;
child_cfg_t *child_cfg;
+ lifetime_cfg_t *lifetime;
ike_cfg_t *ike_cfg;
auth_cfg_t *auth;
identification_create_from_string(remote_id));
}
this->peer_cfg->add_auth_cfg(this->peer_cfg, auth, FALSE);
- child_cfg = child_cfg_create(name,
- create_rekey(esp_rekey) + 300, create_rekey(ike_rekey), 300,
- NULL, TRUE, MODE_TUNNEL, ACTION_NONE, ACTION_NONE, FALSE);
+ lifetime = lifetime_cfg_create_time(create_rekey(esp_rekey) + 300,
+ create_rekey(esp_rekey), 300);
+ child_cfg = child_cfg_create(name, lifetime, NULL, TRUE, MODE_TUNNEL,
+ ACTION_NONE, ACTION_NONE, FALSE);
child_cfg->add_proposal(child_cfg, create_proposal(esp_proposal, PROTO_ESP));
child_cfg->add_traffic_selector(child_cfg, TRUE, create_ts(local_net));
child_cfg->add_traffic_selector(child_cfg, FALSE, create_ts(remote_net));
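Review bot: The rekey-time argument changes from `create_rekey(ike_rekey)` to `create_rekey(esp_rekey)`, which is a behaviour change riding along with the API conversion. It looks like a deliberate fix, since the CHILD_SA rekey time previously followed the IKE setting and could exceed the hard lifetime `create_rekey(esp_rekey) + 300`. Nothing in the diff as shown says so, so it is worth stating in the commit description or splitting into its own change. `create_rekey(esp_rekey)` is also evaluated twice; holding it in a local would keep lifetime and rekey time visibly derived from one value. The enclosing function starts and ends outside the hunk.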