summaryrefslogtreecommitdiff
path: root/src/libipsec/ipsec_sa_mgr.c
diff options
context:
space:
mode:
authorYves-Alexis Perez <corsac@debian.org>2013-11-01 13:32:07 +0100
committerYves-Alexis Perez <corsac@debian.org>2013-11-01 13:32:07 +0100
commit5313d2d78ca150515f7f5eb39801c100690b6b29 (patch)
treec78e420367283bb1b16f14210b12687cdfbd26eb /src/libipsec/ipsec_sa_mgr.c
parent6b99c8d9cff7b3e8ae8f3204b99e7ea40f791349 (diff)
downloadvyos-strongswan-5313d2d78ca150515f7f5eb39801c100690b6b29.tar.gz
vyos-strongswan-5313d2d78ca150515f7f5eb39801c100690b6b29.zip
Imported Upstream version 5.1.1
Diffstat (limited to 'src/libipsec/ipsec_sa_mgr.c')
-rw-r--r--src/libipsec/ipsec_sa_mgr.c31
1 files changed, 26 insertions, 5 deletions
diff --git a/src/libipsec/ipsec_sa_mgr.c b/src/libipsec/ipsec_sa_mgr.c
index 928a53d50..1db1776c0 100644
--- a/src/libipsec/ipsec_sa_mgr.c
+++ b/src/libipsec/ipsec_sa_mgr.c
@@ -299,12 +299,10 @@ static job_requeue_t sa_expired(ipsec_sa_expired_t *expired)
if (this->sas->find_first(this->sas, (void*)match_entry_by_ptr,
NULL, expired->entry) == SUCCESS)
{
- u_int32_t hard_offset = expired->hard_offset;
- ipsec_sa_t *sa = expired->entry->sa;
+ u_int32_t hard_offset;
- ipsec->events->expire(ipsec->events, sa->get_reqid(sa),
- sa->get_protocol(sa), sa->get_spi(sa),
- hard_offset == 0);
+ hard_offset = expired->hard_offset;
+ expired->entry->sa->expire(expired->entry->sa, hard_offset == 0);
if (hard_offset)
{ /* soft limit reached, schedule hard expire */
expired->hard_offset = 0;
@@ -530,6 +528,28 @@ METHOD(ipsec_sa_mgr_t, update_sa, status_t,
return SUCCESS;
}
+METHOD(ipsec_sa_mgr_t, query_sa, status_t,
+ private_ipsec_sa_mgr_t *this, host_t *src, host_t *dst,
+ u_int32_t spi, u_int8_t protocol, mark_t mark,
+ u_int64_t *bytes, u_int64_t *packets, time_t *time)
+{
+ ipsec_sa_entry_t *entry = NULL;
+
+ this->mutex->lock(this->mutex);
+ if (this->sas->find_first(this->sas, (void*)match_entry_by_spi_src_dst,
+ (void**)&entry, &spi, src, dst) == SUCCESS &&
+ wait_for_entry(this, entry))
+ {
+ entry->sa->get_usestats(entry->sa, bytes, packets, time);
+ /* checkin the entry */
+ entry->locked = FALSE;
+ entry->condvar->signal(entry->condvar);
+ }
+ this->mutex->unlock(this->mutex);
+
+ return entry ? SUCCESS : NOT_FOUND;
+}
+
METHOD(ipsec_sa_mgr_t, del_sa, status_t,
private_ipsec_sa_mgr_t *this, host_t *src, host_t *dst, u_int32_t spi,
u_int8_t protocol, u_int16_t cpi, mark_t mark)
@@ -653,6 +673,7 @@ ipsec_sa_mgr_t *ipsec_sa_mgr_create()
.get_spi = _get_spi,
.add_sa = _add_sa,
.update_sa = _update_sa,
+ .query_sa = _query_sa,
.del_sa = _del_sa,
.checkout_by_spi = _checkout_by_spi,
.checkout_by_reqid = _checkout_by_reqid,
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-03 11:24:59 +0000