summaryrefslogtreecommitdiff
path: root/src/libcharon/processing
diff options
context:
space:
mode:
Diffstat (limited to 'src/libcharon/processing')
-rw-r--r--src/libcharon/processing/jobs/initiate_mediation_job.c4
-rw-r--r--src/libcharon/processing/jobs/process_message_job.c14
-rw-r--r--src/libcharon/processing/jobs/rekey_child_sa_job.c5
-rw-r--r--src/libcharon/processing/jobs/start_action_job.c2
4 files changed, 19 insertions, 6 deletions
diff --git a/src/libcharon/processing/jobs/initiate_mediation_job.c b/src/libcharon/processing/jobs/initiate_mediation_job.c
index 17ab83053..5b5fb9d98 100644
--- a/src/libcharon/processing/jobs/initiate_mediation_job.c
+++ b/src/libcharon/processing/jobs/initiate_mediation_job.c
@@ -119,8 +119,8 @@ METHOD(job_t, initiate, job_requeue_t,
/* we need an additional reference because initiate consumes one */
mediation_cfg->get_ref(mediation_cfg);
- if (charon->controller->initiate(charon->controller, mediation_cfg,
- NULL, (controller_cb_t)initiate_callback, this, 0) != SUCCESS)
+ if (charon->controller->initiate(charon->controller, mediation_cfg, NULL,
+ (controller_cb_t)initiate_callback, this, 0, FALSE) != SUCCESS)
{
mediation_cfg->destroy(mediation_cfg);
mediated_cfg->destroy(mediated_cfg);
diff --git a/src/libcharon/processing/jobs/process_message_job.c b/src/libcharon/processing/jobs/process_message_job.c
index a6795e766..31f048db6 100644
--- a/src/libcharon/processing/jobs/process_message_job.c
+++ b/src/libcharon/processing/jobs/process_message_job.c
@@ -91,16 +91,26 @@ METHOD(job_t, get_priority, job_priority_t,
{
case IKE_AUTH:
/* IKE auth is rather expensive and often blocking, low priority */
+ case AGGRESSIVE:
+ case ID_PROT:
+ /* AM is basically IKE_SA_INIT/IKE_AUTH combined (without EAP/XAuth)
+ * MM is similar, but stretched out more */
return JOB_PRIO_LOW;
case INFORMATIONAL:
+ case INFORMATIONAL_V1:
/* INFORMATIONALs are inexpensive, for DPD we should have low
* reaction times */
return JOB_PRIO_HIGH;
case IKE_SA_INIT:
- case CREATE_CHILD_SA:
- default:
/* IKE_SA_INIT is expensive, but we will drop them in the receiver
* if we are overloaded */
+ case CREATE_CHILD_SA:
+ case QUICK_MODE:
+ /* these may require DH, but if not they are relatively cheap */
+ case TRANSACTION:
+ /* these are mostly cheap, however, if XAuth via RADIUS is used
+ * they may block */
+ default:
return JOB_PRIO_MEDIUM;
}
}
diff --git a/src/libcharon/processing/jobs/rekey_child_sa_job.c b/src/libcharon/processing/jobs/rekey_child_sa_job.c
index 8f17d39ab..057876b33 100644
--- a/src/libcharon/processing/jobs/rekey_child_sa_job.c
+++ b/src/libcharon/processing/jobs/rekey_child_sa_job.c
@@ -67,7 +67,10 @@ METHOD(job_t, execute, job_requeue_t,
}
else
{
- ike_sa->rekey_child_sa(ike_sa, this->protocol, this->spi);
+ if (ike_sa->get_state(ike_sa) != IKE_PASSIVE)
+ {
+ ike_sa->rekey_child_sa(ike_sa, this->protocol, this->spi);
+ }
charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
}
return JOB_REQUEUE_NONE;
diff --git a/src/libcharon/processing/jobs/start_action_job.c b/src/libcharon/processing/jobs/start_action_job.c
index 981473b5c..5e88ac230 100644
--- a/src/libcharon/processing/jobs/start_action_job.c
+++ b/src/libcharon/processing/jobs/start_action_job.c
@@ -61,7 +61,7 @@ METHOD(job_t, execute, job_requeue_t,
charon->controller->initiate(charon->controller,
peer_cfg->get_ref(peer_cfg),
child_cfg->get_ref(child_cfg),
- NULL, NULL, 0);
+ NULL, NULL, 0, FALSE);
break;
case ACTION_ROUTE:
DBG1(DBG_JOB, "start action: route '%s'", name);