Imported Upstream version 4.6.4

author: Yves-Alexis Perez <corsac@corsac.net> 2012-06-28 21:16:07 +0200
committer: Yves-Alexis Perez <corsac@corsac.net> 2012-06-28 21:16:07 +0200
commit: b34738ed08c2227300d554b139e2495ca5da97d6 (patch)
tree: 62f33b52820f2e49f0e53c0f8c636312037c8054 /src/libcharon/processing
parent: 0a9d51a49042a68daa15b0c74a2b7f152f52606b (diff)
download: vyos-strongswan-b34738ed08c2227300d554b139e2495ca5da97d6.tar.gz
vyos-strongswan-b34738ed08c2227300d554b139e2495ca5da97d6.zip
16 files changed, 180 insertions, 61 deletions
diff --git a/src/libcharon/processing/jobs/acquire_job.c b/src/libcharon/processing/jobs/acquire_job.c
index 3544dd332..2d836b002 100644
--- a/src/libcharon/processing/jobs/acquire_job.c
+++ b/src/libcharon/processing/jobs/acquire_job.c
@@ -61,6 +61,12 @@ METHOD(job_t, execute, void,
 	destroy(this);
 }
 
+METHOD(job_t, get_priority, job_priority_t,
+	private_acquire_job_t *this)
+{
+	return JOB_PRIO_MEDIUM;
+}
+
 /*
  * Described in header
  */
@@ -74,6 +80,7 @@ acquire_job_t *acquire_job_create(u_int32_t reqid,
 		.public = {
 			.job_interface = {
 				.execute = _execute,
+				.get_priority = _get_priority,
 				.destroy = _destroy,
 			},
 		},
diff --git a/src/libcharon/processing/jobs/delete_child_sa_job.c b/src/libcharon/processing/jobs/delete_child_sa_job.c
index 29122cd03..bd8bb9562 100644
--- a/src/libcharon/processing/jobs/delete_child_sa_job.c
+++ b/src/libcharon/processing/jobs/delete_child_sa_job.c
@@ -73,6 +73,12 @@ METHOD(job_t, execute, void,
 	destroy(this);
 }
 
+METHOD(job_t, get_priority, job_priority_t,
+	private_delete_child_sa_job_t *this)
+{
+	return JOB_PRIO_MEDIUM;
+}
+
 /*
  * Described in header
  */
@@ -86,6 +92,7 @@ delete_child_sa_job_t *delete_child_sa_job_create(u_int32_t reqid,
 		.public = {
 			.job_interface = {
 				.execute = _execute,
+				.get_priority = _get_priority,
 				.destroy = _destroy,
 			},
 		},
diff --git a/src/libcharon/processing/jobs/delete_ike_sa_job.c b/src/libcharon/processing/jobs/delete_ike_sa_job.c
index 468c9ef94..c29b72230 100644
--- a/src/libcharon/processing/jobs/delete_ike_sa_job.c
+++ b/src/libcharon/processing/jobs/delete_ike_sa_job.c
@@ -92,6 +92,12 @@ METHOD(job_t, execute, void,
 	destroy(this);
 }
 
+METHOD(job_t, get_priority, job_priority_t,
+	private_delete_ike_sa_job_t *this)
+{
+	return JOB_PRIO_MEDIUM;
+}
+
 /*
  * Described in header
  */
@@ -104,6 +110,7 @@ delete_ike_sa_job_t *delete_ike_sa_job_create(ike_sa_id_t *ike_sa_id,
 		.public = {
 			.job_interface = {
 				.execute = _execute,
+				.get_priority = _get_priority,
 				.destroy = _destroy,
 			},
 		},
diff --git a/src/libcharon/processing/jobs/inactivity_job.c b/src/libcharon/processing/jobs/inactivity_job.c
index 1371000eb..251b9ab03 100644
--- a/src/libcharon/processing/jobs/inactivity_job.c
+++ b/src/libcharon/processing/jobs/inactivity_job.c
@@ -61,15 +61,15 @@ METHOD(job_t, execute, void,
 													this->reqid, TRUE);
 	if (ike_sa)
 	{
-		iterator_t *iterator;
+		enumerator_t *enumerator;
 		child_sa_t *child_sa;
 		u_int32_t delete = 0;
 		protocol_id_t proto = 0;
 		int children = 0;
 		status_t status = SUCCESS;
 
-		iterator = ike_sa->create_child_sa_iterator(ike_sa);
-		while (iterator->iterate(iterator, (void**)&child_sa))
+		enumerator = ike_sa->create_child_sa_enumerator(ike_sa);
+		while (enumerator->enumerate(enumerator, (void**)&child_sa))
 		{
 			if (child_sa->get_reqid(child_sa) == this->reqid)
 			{
@@ -94,7 +94,7 @@ METHOD(job_t, execute, void,
 			}
 			children++;
 		}
-		iterator->destroy(iterator);
+		enumerator->destroy(enumerator);
 
 		if (delete)
 		{
@@ -127,6 +127,12 @@ METHOD(job_t, execute, void,
 	}
 }
 
+METHOD(job_t, get_priority, job_priority_t,
+	private_inactivity_job_t *this)
+{
+	return JOB_PRIO_MEDIUM;
+}
+
 /**
  * See header
  */
@@ -137,8 +143,9 @@ inactivity_job_t *inactivity_job_create(u_int32_t reqid, u_int32_t timeout,
 
 	INIT(this,
 		.public = {
-				.job_interface = {
+			.job_interface = {
 				.execute = _execute,
+				.get_priority = _get_priority,
 				.destroy = _destroy,
 			},
 		},
diff --git a/src/libcharon/processing/jobs/initiate_mediation_job.c b/src/libcharon/processing/jobs/initiate_mediation_job.c
index ffe8755e2..e52f3c6df 100644
--- a/src/libcharon/processing/jobs/initiate_mediation_job.c
+++ b/src/libcharon/processing/jobs/initiate_mediation_job.c
@@ -41,10 +41,8 @@ struct private_initiate_mediation_job_t {
 	ike_sa_id_t *mediation_sa_id;
 };
 
-/**
- * Implements job_t.destroy.
- */
-static void destroy(private_initiate_mediation_job_t *this)
+METHOD(job_t, destroy, void,
+	private_initiate_mediation_job_t *this)
 {
 	DESTROY_IF(this->mediation_sa_id);
 	DESTROY_IF(this->mediated_sa_id);
@@ -66,10 +64,8 @@ static bool initiate_callback(private_initiate_mediation_job_t *this,
 	return TRUE;
 }
 
-/**
- * Implementation of job_t.execute.
- */
-static void initiate(private_initiate_mediation_job_t *this)
+METHOD(job_t, initiate, void,
+	private_initiate_mediation_job_t *this)
 {
 	ike_sa_t *mediated_sa, *mediation_sa;
 	peer_cfg_t *mediated_cfg, *mediation_cfg;
@@ -126,7 +122,7 @@ static void initiate(private_initiate_mediation_job_t *this)
 		mediation_cfg->get_ref(mediation_cfg);
 
 		if (charon->controller->initiate(charon->controller, mediation_cfg,
-					NULL, (controller_cb_t)initiate_callback, this) != SUCCESS)
+				NULL, (controller_cb_t)initiate_callback, this, 0) != SUCCESS)
 		{
 			mediation_cfg->destroy(mediation_cfg);
 			mediated_cfg->destroy(mediated_cfg);
@@ -172,10 +168,8 @@ static void initiate(private_initiate_mediation_job_t *this)
 	destroy(this);
 }
 
-/**
- * Implementation of job_t.execute.
- */
-static void reinitiate(private_initiate_mediation_job_t *this)
+METHOD(job_t, reinitiate, void,
+	private_initiate_mediation_job_t *this)
 {
 	ike_sa_t *mediated_sa, *mediation_sa;
 	peer_cfg_t *mediated_cfg;
@@ -223,20 +217,26 @@ static void reinitiate(private_initiate_mediation_job_t *this)
 	destroy(this);
 }
 
+METHOD(job_t, get_priority, job_priority_t,
+	private_initiate_mediation_job_t *this)
+{
+	return JOB_PRIO_MEDIUM;
+}
+
 /**
  * Creates an empty job
  */
 static private_initiate_mediation_job_t *initiate_mediation_job_create_empty()
 {
-	private_initiate_mediation_job_t *this = malloc_thing(private_initiate_mediation_job_t);
-
-	/* interface functions */
-	this->public.job_interface.destroy = (void (*) (job_t *)) destroy;
-
-	/* private variables */
-	this->mediation_sa_id = NULL;
-	this->mediated_sa_id = NULL;
-
+	private_initiate_mediation_job_t *this;
+	INIT(this,
+		.public = {
+			.job_interface = {
+				.get_priority = _get_priority,
+				.destroy = _destroy,
+			},
+		},
+	);
 	return this;
 }
 
@@ -247,8 +247,7 @@ initiate_mediation_job_t *initiate_mediation_job_create(ike_sa_id_t *ike_sa_id)
 {
 	private_initiate_mediation_job_t *this = initiate_mediation_job_create_empty();
 
-	this->public.job_interface.execute = (void (*) (job_t *)) initiate;
-
+	this->public.job_interface.execute = _initiate;
 	this->mediated_sa_id = ike_sa_id->clone(ike_sa_id);
 
 	return &this->public;
@@ -262,8 +261,7 @@ initiate_mediation_job_t *reinitiate_mediation_job_create(ike_sa_id_t *mediation
 {
 	private_initiate_mediation_job_t *this = initiate_mediation_job_create_empty();
 
-	this->public.job_interface.execute = (void (*) (job_t *)) reinitiate;
-
+	this->public.job_interface.execute = _reinitiate;
 	this->mediation_sa_id = mediation_sa_id->clone(mediation_sa_id);
 	this->mediated_sa_id = mediated_sa_id->clone(mediated_sa_id);
 
diff --git a/src/libcharon/processing/jobs/mediation_job.c b/src/libcharon/processing/jobs/mediation_job.c
index b5b8af3b3..6f02f2a0a 100644
--- a/src/libcharon/processing/jobs/mediation_job.c
+++ b/src/libcharon/processing/jobs/mediation_job.c
@@ -66,10 +66,8 @@ struct private_mediation_job_t {
 	bool response;
 };
 
-/**
- * Implements job_t.destroy.
- */
-static void destroy(private_mediation_job_t *this)
+METHOD(job_t, destroy, void,
+	private_mediation_job_t *this)
 {
 	DESTROY_IF(this->target);
 	DESTROY_IF(this->source);
@@ -79,10 +77,8 @@ static void destroy(private_mediation_job_t *this)
 	free(this);
 }
 
-/**
- * Implementation of job_t.execute.
- */
-static void execute(private_mediation_job_t *this)
+METHOD(job_t, execute, void,
+	private_mediation_job_t *this)
 {
 	ike_sa_id_t *target_sa_id;
 
@@ -137,26 +133,27 @@ static void execute(private_mediation_job_t *this)
 	destroy(this);
 }
 
+METHOD(job_t, get_priority, job_priority_t,
+	private_mediation_job_t *this)
+{
+	return JOB_PRIO_MEDIUM;
+}
+
 /**
  * Creates an empty mediation job
  */
 static private_mediation_job_t *mediation_job_create_empty()
 {
-	private_mediation_job_t *this = malloc_thing(private_mediation_job_t);
-
-	/* interface functions */
-	this->public.job_interface.execute = (void (*) (job_t *)) execute;
-	this->public.job_interface.destroy = (void (*) (job_t *)) destroy;
-
-	/* private variables */
-	this->target = NULL;
-	this->source = NULL;
-	this->callback = FALSE;
-	this->connect_id = chunk_empty;
-	this->connect_key = chunk_empty;
-	this->endpoints = NULL;
-	this->response = FALSE;
-
+	private_mediation_job_t *this;
+	INIT(this,
+		.public = {
+			.job_interface = {
+				.execute = _execute,
+				.get_priority = _get_priority,
+				.destroy = _destroy,
+			},
+		},
+	);
 	return this;
 }
 
diff --git a/src/libcharon/processing/jobs/migrate_job.c b/src/libcharon/processing/jobs/migrate_job.c
index 5e7c7ae88..eb10e2e46 100644
--- a/src/libcharon/processing/jobs/migrate_job.c
+++ b/src/libcharon/processing/jobs/migrate_job.c
@@ -79,12 +79,12 @@ METHOD(job_t, execute, void,
 	}
 	if (ike_sa)
 	{
-		iterator_t *children;
+		enumerator_t *children;
 		child_sa_t *child_sa;
 		host_t *host;
 
-		children = ike_sa->create_child_sa_iterator(ike_sa);
-		while (children->iterate(children, (void**)&child_sa))
+		children = ike_sa->create_child_sa_enumerator(ike_sa);
+		while (children->enumerate(children, (void**)&child_sa))
 		{
 			if (child_sa->get_reqid(child_sa) == this->reqid)
 			{
@@ -120,6 +120,12 @@ METHOD(job_t, execute, void,
 	destroy(this);
 }
 
+METHOD(job_t, get_priority, job_priority_t,
+	private_migrate_job_t *this)
+{
+	return JOB_PRIO_MEDIUM;
+}
+
 /*
  * Described in header
  */
@@ -135,6 +141,7 @@ migrate_job_t *migrate_job_create(u_int32_t reqid,
 		.public = {
 			.job_interface = {
 				.execute = _execute,
+				.get_priority = _get_priority,
 				.destroy = _destroy,
 			},
 		},
diff --git a/src/libcharon/processing/jobs/process_message_job.c b/src/libcharon/processing/jobs/process_message_job.c
index b6de4fc0f..a4924d001 100644
--- a/src/libcharon/processing/jobs/process_message_job.c
+++ b/src/libcharon/processing/jobs/process_message_job.c
@@ -84,6 +84,27 @@ METHOD(job_t, execute, void,
 	destroy(this);
 }
 
+METHOD(job_t, get_priority, job_priority_t,
+	private_process_message_job_t *this)
+{
+	switch (this->message->get_exchange_type(this->message))
+	{
+		case IKE_AUTH:
+			/* IKE auth is rather expensive and often blocking, low priority */
+			return JOB_PRIO_LOW;
+		case INFORMATIONAL:
+			/* INFORMATIONALs are inexpensive, for DPD we should have low
+			 * reaction times */
+			return JOB_PRIO_HIGH;
+		case IKE_SA_INIT:
+		case CREATE_CHILD_SA:
+		default:
+			/* IKE_SA_INIT is expensive, but we will drop them in the receiver
+			 * if we are overloaded */
+			return JOB_PRIO_MEDIUM;
+	}
+}
+
 /*
  * Described in header
  */
@@ -95,6 +116,7 @@ process_message_job_t *process_message_job_create(message_t *message)
 		.public = {
 			.job_interface = {
 				.execute = _execute,
+				.get_priority = _get_priority,
 				.destroy = _destroy,
 			},
 		},
diff --git a/src/libcharon/processing/jobs/rekey_child_sa_job.c b/src/libcharon/processing/jobs/rekey_child_sa_job.c
index 2bcee2ddf..5855f1bc9 100644
--- a/src/libcharon/processing/jobs/rekey_child_sa_job.c
+++ b/src/libcharon/processing/jobs/rekey_child_sa_job.c
@@ -71,6 +71,12 @@ METHOD(job_t, execute, void,
 	destroy(this);
 }
 
+METHOD(job_t, get_priority, job_priority_t,
+	private_rekey_child_sa_job_t *this)
+{
+	return JOB_PRIO_MEDIUM;
+}
+
 /*
  * Described in header
  */
@@ -84,6 +90,7 @@ rekey_child_sa_job_t *rekey_child_sa_job_create(u_int32_t reqid,
 		.public = {
 			.job_interface = {
 				.execute = _execute,
+				.get_priority = _get_priority,
 				.destroy = _destroy,
 			},
 		},
diff --git a/src/libcharon/processing/jobs/rekey_ike_sa_job.c b/src/libcharon/processing/jobs/rekey_ike_sa_job.c
index dc86ba9b3..5366195fd 100644
--- a/src/libcharon/processing/jobs/rekey_ike_sa_job.c
+++ b/src/libcharon/processing/jobs/rekey_ike_sa_job.c
@@ -81,6 +81,12 @@ METHOD(job_t, execute, void,
 	destroy(this);
 }
 
+METHOD(job_t, get_priority, job_priority_t,
+	private_rekey_ike_sa_job_t *this)
+{
+	return JOB_PRIO_MEDIUM;
+}
+
 /*
  * Described in header
  */
@@ -92,6 +98,7 @@ rekey_ike_sa_job_t *rekey_ike_sa_job_create(ike_sa_id_t *ike_sa_id, bool reauth)
 		.public = {
 			.job_interface = {
 				.execute = _execute,
+				.get_priority = _get_priority,
 				.destroy = _destroy,
 			},
 		},
diff --git a/src/libcharon/processing/jobs/retransmit_job.c b/src/libcharon/processing/jobs/retransmit_job.c
index 1c78abd27..050f7005a 100644
--- a/src/libcharon/processing/jobs/retransmit_job.c
+++ b/src/libcharon/processing/jobs/retransmit_job.c
@@ -70,6 +70,12 @@ METHOD(job_t, execute, void,
 	destroy(this);
 }
 
+METHOD(job_t, get_priority, job_priority_t,
+	private_retransmit_job_t *this)
+{
+	return JOB_PRIO_HIGH;
+}
+
 /*
  * Described in header.
  */
@@ -81,6 +87,7 @@ retransmit_job_t *retransmit_job_create(u_int32_t message_id,ike_sa_id_t *ike_sa
 		.public = {
 			.job_interface = {
 				.execute = _execute,
+				.get_priority = _get_priority,
 				.destroy = _destroy,
 			},
 		},
diff --git a/src/libcharon/processing/jobs/roam_job.c b/src/libcharon/processing/jobs/roam_job.c
index 74ef8bd6d..951ac5ad3 100644
--- a/src/libcharon/processing/jobs/roam_job.c
+++ b/src/libcharon/processing/jobs/roam_job.c
@@ -55,7 +55,8 @@ METHOD(job_t, execute, void,
 	/* enumerator over all IKE_SAs gives us no way to checkin_and_destroy
 	 * after a DESTROY_ME, so we check out each available IKE_SA by hand. */
 	list = linked_list_create();
-	enumerator = charon->ike_sa_manager->create_enumerator(charon->ike_sa_manager);
+	enumerator = charon->ike_sa_manager->create_enumerator(
+												charon->ike_sa_manager, TRUE);
 	while (enumerator->enumerate(enumerator, &ike_sa))
 	{
 		id = ike_sa->get_id(ike_sa);
@@ -85,6 +86,12 @@ METHOD(job_t, execute, void,
 	destroy(this);
 }
 
+METHOD(job_t, get_priority, job_priority_t,
+	private_roam_job_t *this)
+{
+	return JOB_PRIO_MEDIUM;
+}
+
 /*
  * Described in header
  */
@@ -96,6 +103,7 @@ roam_job_t *roam_job_create(bool address)
 		.public = {
 			.job_interface = {
 				.execute = _execute,
+				.get_priority = _get_priority,
 				.destroy = _destroy,
 			},
 		},
diff --git a/src/libcharon/processing/jobs/send_dpd_job.c b/src/libcharon/processing/jobs/send_dpd_job.c
index 47b525363..ab00d013d 100644
--- a/src/libcharon/processing/jobs/send_dpd_job.c
+++ b/src/libcharon/processing/jobs/send_dpd_job.c
@@ -66,6 +66,12 @@ METHOD(job_t, execute, void,
 	destroy(this);
 }
 
+METHOD(job_t, get_priority, job_priority_t,
+	private_send_dpd_job_t *this)
+{
+	return JOB_PRIO_HIGH;
+}
+
 /*
  * Described in header
  */
@@ -77,6 +83,7 @@ send_dpd_job_t *send_dpd_job_create(ike_sa_id_t *ike_sa_id)
 		.public = {
 			.job_interface = {
 				.execute = _execute,
+				.get_priority = _get_priority,
 				.destroy = _destroy,
 			},
 		},
diff --git a/src/libcharon/processing/jobs/send_keepalive_job.c b/src/libcharon/processing/jobs/send_keepalive_job.c
index 8d98aad7e..5e128d478 100644
--- a/src/libcharon/processing/jobs/send_keepalive_job.c
+++ b/src/libcharon/processing/jobs/send_keepalive_job.c
@@ -60,6 +60,12 @@ METHOD(job_t, execute, void,
 	destroy(this);
 }
 
+METHOD(job_t, get_priority, job_priority_t,
+	private_send_keepalive_job_t *this)
+{
+	return JOB_PRIO_HIGH;
+}
+
 /*
  * Described in header
  */
@@ -71,6 +77,7 @@ send_keepalive_job_t *send_keepalive_job_create(ike_sa_id_t *ike_sa_id)
 		.public = {
 			.job_interface = {
 				.execute = _execute,
+				.get_priority = _get_priority,
 				.destroy = _destroy,
 			},
 		},
diff --git a/src/libcharon/processing/jobs/start_action_job.c b/src/libcharon/processing/jobs/start_action_job.c
index 5dda18be2..b65181ef8 100644
--- a/src/libcharon/processing/jobs/start_action_job.c
+++ b/src/libcharon/processing/jobs/start_action_job.c
@@ -42,6 +42,7 @@ METHOD(job_t, execute, void,
 	enumerator_t *enumerator, *children;
 	peer_cfg_t *peer_cfg;
 	child_cfg_t *child_cfg;
+	ipsec_mode_t mode;
 	char *name;
 
 	enumerator = charon->backends->create_peer_cfg_enumerator(charon->backends,
@@ -65,11 +66,20 @@ METHOD(job_t, execute, void,
 					charon->controller->initiate(charon->controller,
 												 peer_cfg->get_ref(peer_cfg),
 												 child_cfg->get_ref(child_cfg),
-												 NULL, NULL);
+												 NULL, NULL, 0);
 					break;
 				case ACTION_ROUTE:
 					DBG1(DBG_JOB, "start action: route '%s'", name);
-					charon->traps->install(charon->traps, peer_cfg, child_cfg);
+					mode = child_cfg->get_mode(child_cfg);
+					if (mode == MODE_PASS || mode == MODE_DROP)
+					{
+						charon->shunts->install(charon->shunts, child_cfg);
+					}
+					else
+					{
+						charon->traps->install(charon->traps, peer_cfg,
+															  child_cfg);
+					}
 					break;
 				case ACTION_NONE:
 					break;
@@ -81,6 +91,12 @@ METHOD(job_t, execute, void,
 	destroy(this);
 }
 
+METHOD(job_t, get_priority, job_priority_t,
+	private_start_action_job_t *this)
+{
+	return JOB_PRIO_MEDIUM;
+}
+
 /*
  * Described in header
  */
@@ -92,10 +108,11 @@ start_action_job_t *start_action_job_create(void)
 		.public = {
 			.job_interface = {
 				.execute = _execute,
+				.get_priority = _get_priority,
 				.destroy = _destroy,
 			},
 		},
-	)
+	);
 	return &this->public;
 }
 
diff --git a/src/libcharon/processing/jobs/update_sa_job.c b/src/libcharon/processing/jobs/update_sa_job.c
index 3b4e9949f..c4f6e4782 100644
--- a/src/libcharon/processing/jobs/update_sa_job.c
+++ b/src/libcharon/processing/jobs/update_sa_job.c
@@ -74,6 +74,12 @@ METHOD(job_t, execute, void,
 	destroy(this);
 }
 
+METHOD(job_t, get_priority, job_priority_t,
+	private_update_sa_job_t *this)
+{
+	return JOB_PRIO_MEDIUM;
+}
+
 /*
  * Described in header
  */
@@ -85,6 +91,7 @@ update_sa_job_t *update_sa_job_create(u_int32_t reqid, host_t *new)
 		.public = {
 			.job_interface = {
 				.execute = _execute,
+				.get_priority = _get_priority,
 				.destroy = _destroy,
 			},
 		},
author	Yves-Alexis Perez <corsac@corsac.net>	2012-06-28 21:16:07 +0200
committer	Yves-Alexis Perez <corsac@corsac.net>	2012-06-28 21:16:07 +0200
commit	b34738ed08c2227300d554b139e2495ca5da97d6 (patch)
tree	62f33b52820f2e49f0e53c0f8c636312037c8054 /src/libcharon/processing
parent	0a9d51a49042a68daa15b0c74a2b7f152f52606b (diff)
download	vyos-strongswan-b34738ed08c2227300d554b139e2495ca5da97d6.tar.gz vyos-strongswan-b34738ed08c2227300d554b139e2495ca5da97d6.zip