New upstream version 5.6.3

1 files changed, 29 insertions, 67 deletions

diff --git a/src/libcharon/plugins/vici/vici_config.c b/src/libcharon/plugins/vici/vici_config.c
index e0e2955e2..f4e9e33ee 100644
--- a/src/libcharon/plugins/vici/vici_config.c
+++ b/src/libcharon/plugins/vici/vici_config.c
@@ -112,7 +112,7 @@ struct private_vici_config_t {
 	rwlock_t *lock;
 
 	/**
-	 * Condvar used to snyc running actions
+	 * Condvar used to sync running actions
 	 */
 	rwlock_condvar_t *condvar;
 
@@ -533,7 +533,7 @@ static void log_child_data(child_data_t *data, char *name)
 	DBG2(DBG_CFG, "   proposals = %#P", data->proposals);
 	DBG2(DBG_CFG, "   local_ts = %#R", data->local_ts);
 	DBG2(DBG_CFG, "   remote_ts = %#R", data->remote_ts);
-	DBG2(DBG_CFG, "   hw_offload = %u", has_opt(OPT_HW_OFFLOAD));
+	DBG2(DBG_CFG, "   hw_offload = %N", hw_offload_names, cfg->hw_offload);
 	DBG2(DBG_CFG, "   sha256_96 = %u", has_opt(OPT_SHA256_96));
 }
 
@@ -892,14 +892,6 @@ CALLBACK(parse_opt_ipcomp, bool,
 	return parse_option(out, OPT_IPCOMP, v);
 }
 
-/**
- * Parse OPT_HW_OFFLOAD option
- */
-CALLBACK(parse_opt_hw_offl, bool,
-	child_cfg_option_t *out, chunk_t v)
-{
-	return parse_option(out, OPT_HW_OFFLOAD, v);
-}
 
 /**
  * Parse OPT_SHA256_96 option
@@ -944,6 +936,27 @@ CALLBACK(parse_action, bool,
 }
 
 /**
+ * Parse an hw_offload_t
+ */
+CALLBACK(parse_hw_offload, bool,
+	action_t *out, chunk_t v)
+{
+	enum_map_t map[] = {
+		{ "no",		HW_OFFLOAD_NO	},
+		{ "yes",	HW_OFFLOAD_YES	},
+		{ "auto",	HW_OFFLOAD_AUTO	},
+	};
+	int d;
+
+	if (parse_map(map, countof(map), &d, v))
+	{
+		*out = d;
+		return TRUE;
+	}
+	return FALSE;
+}
+
+/**
  * Parse a uint32_t with the given base
  */
 static bool parse_uint32_base(uint32_t *out, chunk_t v, int base)
@@ -1578,7 +1591,7 @@ CALLBACK(child_kv, bool,
 		{ "tfc_padding",		parse_tfc,			&child->cfg.tfc						},
 		{ "priority",			parse_uint32,		&child->cfg.priority				},
 		{ "interface",			parse_string,		&child->cfg.interface				},
-		{ "hw_offload",			parse_opt_hw_offl,	&child->cfg.options					},
+		{ "hw_offload",			parse_hw_offload,	&child->cfg.hw_offload				},
 		{ "sha256_96",			parse_opt_sha256_96,&child->cfg.options					},
 	};
 
@@ -1954,41 +1967,6 @@ CALLBACK(peer_sn, bool,
 }
 
 /**
- * Find reqid of an existing CHILD_SA
- */
-static uint32_t find_reqid(child_cfg_t *cfg)
-{
-	enumerator_t *enumerator, *children;
-	child_sa_t *child_sa;
-	ike_sa_t *ike_sa;
-	uint32_t reqid;
-
-	reqid = charon->traps->find_reqid(charon->traps, cfg);
-	if (reqid)
-	{	/* already trapped */
-		return reqid;
-	}
-
-	enumerator = charon->controller->create_ike_sa_enumerator(
-													charon->controller, TRUE);
-	while (!reqid && enumerator->enumerate(enumerator, &ike_sa))
-	{
-		children = ike_sa->create_child_sa_enumerator(ike_sa);
-		while (children->enumerate(children, &child_sa))
-		{
-			if (streq(cfg->get_name(cfg), child_sa->get_name(child_sa)))
-			{
-				reqid = child_sa->get_reqid(child_sa);
-				break;
-			}
-		}
-		children->destroy(children);
-	}
-	enumerator->destroy(enumerator);
-	return reqid;
-}
-
-/**
  * Perform start actions associated with a child config
  */
 static void run_start_action(private_vici_config_t *this, peer_cfg_t *peer_cfg,
@@ -2012,8 +1990,7 @@ static void run_start_action(private_vici_config_t *this, peer_cfg_t *peer_cfg,
 									peer_cfg->get_name(peer_cfg), child_cfg);
 					break;
 				default:
-					charon->traps->install(charon->traps, peer_cfg, child_cfg,
-										   find_reqid(child_cfg));
+					charon->traps->install(charon->traps, peer_cfg, child_cfg);
 					break;
 			}
 			break;
@@ -2030,7 +2007,6 @@ static void clear_start_action(private_vici_config_t *this, char *peer_name,
 {
 	enumerator_t *enumerator, *children;
 	child_sa_t *child_sa;
-	peer_cfg_t *peer_cfg;
 	ike_sa_t *ike_sa;
 	uint32_t id = 0, others;
 	array_t *ids = NULL, *ikeids = NULL;
@@ -2053,7 +2029,8 @@ static void clear_start_action(private_vici_config_t *this, char *peer_name,
 				children = ike_sa->create_child_sa_enumerator(ike_sa);
 				while (children->enumerate(children, &child_sa))
 				{
-					if (child_sa->get_state(child_sa) != CHILD_DELETING)
+					if (child_sa->get_state(child_sa) != CHILD_DELETING &&
+						child_sa->get_state(child_sa) != CHILD_DELETED)
 					{
 						if (streq(name, child_sa->get_name(child_sa)))
 						{
@@ -2106,7 +2083,7 @@ static void clear_start_action(private_vici_config_t *this, char *peer_name,
 				while (array_remove(ikeids, ARRAY_HEAD, &id))
 				{
 					DBG1(DBG_CFG, "closing IKE_SA #%u", id);
-					charon->controller->terminate_ike(charon->controller,
+					charon->controller->terminate_ike(charon->controller, FALSE,
 													  id, NULL, NULL, 0);
 				}
 				array_destroy(ikeids);
@@ -2121,22 +2098,7 @@ static void clear_start_action(private_vici_config_t *this, char *peer_name,
 					charon->shunts->uninstall(charon->shunts, peer_name, name);
 					break;
 				default:
-					enumerator = charon->traps->create_enumerator(charon->traps);
-					while (enumerator->enumerate(enumerator, &peer_cfg,
-												 &child_sa))
-					{
-						if (streq(peer_name, peer_cfg->get_name(peer_cfg)) &&
-							streq(name, child_sa->get_name(child_sa)))
-						{
-							id = child_sa->get_reqid(child_sa);
-							break;
-						}
-					}
-					enumerator->destroy(enumerator);
-					if (id)
-					{
-						charon->traps->uninstall(charon->traps, id);
-					}
+					charon->traps->uninstall(charon->traps, peer_name, name);
 					break;
 			}
 			break;