ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

Replaced ike_sa_t.create_child_sa_iterator with enumerator. 

This required two new methods on ike_sa_t. One returns the number of
CHILD_SAs and one allows to remove a CHILD_SA.
This commit is contained in:
Tobias Brunner 2011-05-19 17:27:32 +02:00
parent 4f9c691adb
commit 4bbce1ef37
16 changed files with 140 additions and 119 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/conftest/actions.c
View File

@ -114,8 +114,7 @@ static job_requeue_t rekey_ike(char *config)
*/
static job_requeue_t rekey_child(char *config)
{
enumerator_t *enumerator;
iterator_t *children;
enumerator_t *enumerator, *children;
ike_sa_t *ike_sa;
child_sa_t *child_sa;
u_int32_t reqid = 0, spi = 0;
@ -125,8 +124,8 @@ static job_requeue_t rekey_child(char *config)
charon->controller, TRUE);
while (enumerator->enumerate(enumerator, &ike_sa))
{
children = ike_sa->create_child_sa_iterator(ike_sa);
while (children->iterate(children, (void**)&child_sa))
children = ike_sa->create_child_sa_enumerator(ike_sa);
while (children->enumerate(children, (void**)&child_sa))
{
if (streq(config, child_sa->get_name(child_sa)))
{
@ -222,8 +221,7 @@ static job_requeue_t close_ike(char *config)
*/
static job_requeue_t close_child(char *config)
{
enumerator_t *enumerator;
iterator_t *children;
enumerator_t *enumerator, *children;
ike_sa_t *ike_sa;
child_sa_t *child_sa;
int id = 0;
@ -233,8 +231,8 @@ static job_requeue_t close_child(char *config)
while (enumerator->enumerate(enumerator, &ike_sa))
{
children = ike_sa->create_child_sa_iterator(ike_sa);
while (children->iterate(children, (void**)&child_sa))
children = ike_sa->create_child_sa_enumerator(ike_sa);
while (children->enumerate(children, (void**)&child_sa))
{
if (streq(config, child_sa->get_name(child_sa)))
{

8
src/libcharon/bus/bus.c
View File

@ -564,15 +564,15 @@ METHOD(bus_t, ike_updown, void,
/* a down event for IKE_SA implicitly downs all CHILD_SAs */
if (!up)
{
iterator_t *iterator;
enumerator_t *enumerator;
child_sa_t *child_sa;
iterator = ike_sa->create_child_sa_iterator(ike_sa);
while (iterator->iterate(iterator, (void**)&child_sa))
enumerator = ike_sa->create_child_sa_enumerator(ike_sa);
while (enumerator->enumerate(enumerator, (void**)&child_sa))
{
child_updown(this, child_sa, FALSE);
}
iterator->destroy(iterator);
enumerator->destroy(enumerator);
}
}

8
src/libcharon/control/controller.c
View File

@ -367,7 +367,7 @@ METHOD(controller_t, terminate_child, status_t,
{
ike_sa_t *ike_sa;
child_sa_t *child_sa;
iterator_t *iterator;
enumerator_t *enumerator;
interface_job_t job = {
.listener = {
.public = {
@ -397,8 +397,8 @@ METHOD(controller_t, terminate_child, status_t,
}
job.listener.ike_sa = ike_sa;
iterator = ike_sa->create_child_sa_iterator(ike_sa);
while (iterator->iterate(iterator, (void**)&child_sa))
enumerator = ike_sa->create_child_sa_enumerator(ike_sa);
while (enumerator->enumerate(enumerator, (void**)&child_sa))
{
if (child_sa->get_state(child_sa) != CHILD_ROUTED &&
child_sa->get_reqid(child_sa) == reqid)
@ -407,7 +407,7 @@ METHOD(controller_t, terminate_child, status_t,
}
child_sa = NULL;
}
iterator->destroy(iterator);
enumerator->destroy(enumerator);
if (child_sa == NULL)
{

8
src/libcharon/plugins/ha/ha_cache.c
View File

@ -196,12 +196,12 @@ METHOD(ha_cache_t, delete_, void,
*/
static status_t rekey_children(ike_sa_t *ike_sa)
{
iterator_t *iterator;
enumerator_t *enumerator;
child_sa_t *child_sa;
status_t status = SUCCESS;
iterator = ike_sa->create_child_sa_iterator(ike_sa);
while (iterator->iterate(iterator, (void**)&child_sa))
enumerator = ike_sa->create_child_sa_enumerator(ike_sa);
while (enumerator->enumerate(enumerator, (void**)&child_sa))
{
DBG1(DBG_CFG, "resyncing CHILD_SA");
status = ike_sa->rekey_child_sa(ike_sa, child_sa->get_protocol(child_sa),
@ -211,7 +211,7 @@ static status_t rekey_children(ike_sa_t *ike_sa)
break;
}
}
iterator->destroy(iterator);
enumerator->destroy(enumerator);
return status;
}

6
src/libcharon/plugins/smp/smp.c
View File

@ -214,7 +214,7 @@ static void request_query_ikesa(xmlTextReaderPtr reader, xmlTextWriterPtr writer
{
ike_sa_id_t *id;
host_t *local, *remote;
iterator_t *children;
enumerator_t *children;
child_sa_t *child_sa;
id = ike_sa->get_id(ike_sa);
@ -264,8 +264,8 @@ static void request_query_ikesa(xmlTextReaderPtr reader, xmlTextWriterPtr writer
/* <childsalist> */
xmlTextWriterStartElement(writer, "childsalist");
children = ike_sa->create_child_sa_iterator(ike_sa);
while (children->iterate(children, (void**)&child_sa))
children = ike_sa->create_child_sa_enumerator(ike_sa);
while (children->enumerate(children, (void**)&child_sa))
{
write_child(writer, child_sa);
}

21
src/libcharon/plugins/stroke/stroke_control.c
View File

@ -294,12 +294,12 @@ METHOD(stroke_control_t, terminate, void,
while (enumerator->enumerate(enumerator, &ike_sa))
{
child_sa_t *child_sa;
iterator_t *children;
enumerator_t *children;
if (child)
{
children = ike_sa->create_child_sa_iterator(ike_sa);
while (children->iterate(children, (void**)&child_sa))
children = ike_sa->create_child_sa_enumerator(ike_sa);
while (children->enumerate(children, (void**)&child_sa))
{
if (streq(name, child_sa->get_name(child_sa)))
{
@ -374,12 +374,12 @@ METHOD(stroke_control_t, rekey, void,
while (enumerator->enumerate(enumerator, &ike_sa))
{
child_sa_t *child_sa;
iterator_t *children;
enumerator_t *children;
if (child)
{
children = ike_sa->create_child_sa_iterator(ike_sa);
while (children->iterate(children, (void**)&child_sa))
children = ike_sa->create_child_sa_enumerator(ike_sa);
while (children->enumerate(children, (void**)&child_sa))
{
if ((name && streq(name, child_sa->get_name(child_sa))) ||
(id && id == child_sa->get_reqid(child_sa)))
@ -486,8 +486,7 @@ METHOD(stroke_control_t, terminate_srcip, void,
METHOD(stroke_control_t, purge_ike, void,
private_stroke_control_t *this, stroke_msg_t *msg, FILE *out)
{
enumerator_t *enumerator;
iterator_t *iterator;
enumerator_t *enumerator, *children;
ike_sa_t *ike_sa;
child_sa_t *child_sa;
linked_list_t *list;
@ -502,13 +501,13 @@ METHOD(stroke_control_t, purge_ike, void,
charon->controller, TRUE);
while (enumerator->enumerate(enumerator, &ike_sa))
{
iterator = ike_sa->create_child_sa_iterator(ike_sa);
if (!iterator->iterate(iterator, (void**)&child_sa))
children = ike_sa->create_child_sa_enumerator(ike_sa);
if (!children->enumerate(children, (void**)&child_sa))
{
list->insert_last(list,
(void*)(uintptr_t)ike_sa->get_unique_id(ike_sa));
}
iterator->destroy(iterator);
children->destroy(children);
}
enumerator->destroy(enumerator);

4
src/libcharon/plugins/stroke/stroke_list.c
View File

@ -576,7 +576,7 @@ METHOD(stroke_list_t, status, void,
while (enumerator->enumerate(enumerator, &ike_sa))
{
bool ike_printed = FALSE;
iterator_t *children = ike_sa->create_child_sa_iterator(ike_sa);
enumerator_t *children = ike_sa->create_child_sa_enumerator(ike_sa);
if (name == NULL || streq(name, ike_sa->get_name(ike_sa)))
{
@ -585,7 +585,7 @@ METHOD(stroke_list_t, status, void,
ike_printed = TRUE;
}
while (children->iterate(children, (void**)&child_sa))
while (children->enumerate(children, (void**)&child_sa))
{
if (name == NULL || streq(name, child_sa->get_name(child_sa)))
{

7
src/libcharon/plugins/uci/uci_control.c
View File

@ -76,8 +76,7 @@ static void write_fifo(private_uci_control_t *this, char *format, ...)
*/
static void status(private_uci_control_t *this, char *name)
{
enumerator_t *configs, *sas;
iterator_t *children;
enumerator_t *configs, *sas, *children;
ike_sa_t *ike_sa;
child_sa_t *child_sa;
peer_cfg_t *peer_cfg;
@ -111,8 +110,8 @@ static void status(private_uci_control_t *this, char *name)
fprintf(out, "%-8s %-20D %-16H ", ike_sa->get_name(ike_sa),
ike_sa->get_other_id(ike_sa), ike_sa->get_other_host(ike_sa));
children = ike_sa->create_child_sa_iterator(ike_sa);
while (children->iterate(children, (void**)&child_sa))
children = ike_sa->create_child_sa_enumerator(ike_sa);
while (children->enumerate(children, (void**)&child_sa))
{
fprintf(out, "%#R",
child_sa->get_traffic_selectors(child_sa, FALSE));

8
src/libcharon/processing/jobs/inactivity_job.c
View File

@ -61,15 +61,15 @@ METHOD(job_t, execute, void,
this->reqid, TRUE);
if (ike_sa)
{
iterator_t *iterator;
enumerator_t *enumerator;
child_sa_t *child_sa;
u_int32_t delete = 0;
protocol_id_t proto = 0;
int children = 0;
status_t status = SUCCESS;
iterator = ike_sa->create_child_sa_iterator(ike_sa);
while (iterator->iterate(iterator, (void**)&child_sa))
enumerator = ike_sa->create_child_sa_enumerator(ike_sa);
while (enumerator->enumerate(enumerator, (void**)&child_sa))
{
if (child_sa->get_reqid(child_sa) == this->reqid)
{
@ -94,7 +94,7 @@ METHOD(job_t, execute, void,
}
children++;
}
iterator->destroy(iterator);
enumerator->destroy(enumerator);
if (delete)
{

6
src/libcharon/processing/jobs/migrate_job.c
View File

@ -79,12 +79,12 @@ METHOD(job_t, execute, void,
}
if (ike_sa)
{
iterator_t *children;
enumerator_t *children;
child_sa_t *child_sa;
host_t *host;
children = ike_sa->create_child_sa_iterator(ike_sa);
while (children->iterate(children, (void**)&child_sa))
children = ike_sa->create_child_sa_enumerator(ike_sa);
while (children->enumerate(children, (void**)&child_sa))
{
if (child_sa->get_reqid(child_sa) == this->reqid)
{

22
src/libcharon/sa/ike_sa.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2006-2008 Tobias Brunner
* Copyright (C) 2006-2011 Tobias Brunner
* Copyright (C) 2006 Daniel Roethlisberger
* Copyright (C) 2005-2009 Martin Willi
* Copyright (C) 2005 Jan Hutter
@ -1393,10 +1393,22 @@ METHOD(ike_sa_t, get_child_sa, child_sa_t*,
return found;
}
METHOD(ike_sa_t, create_child_sa_iterator, iterator_t*,
METHOD(ike_sa_t, get_child_count, int,
private_ike_sa_t *this)
{
return this->child_sas->create_iterator(this->child_sas, TRUE);
return this->child_sas->get_count(this->child_sas);
}
METHOD(ike_sa_t, create_child_sa_enumerator, enumerator_t*,
private_ike_sa_t *this)
{
return this->child_sas->create_enumerator(this->child_sas);
}
METHOD(ike_sa_t, remove_child_sa, void,
private_ike_sa_t *this, enumerator_t *enumerator)
{
this->child_sas->remove_at(this->child_sas, enumerator);
}
METHOD(ike_sa_t, rekey_child_sa, status_t,
@ -2113,7 +2125,9 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id)
.get_keymat = _get_keymat,
.add_child_sa = _add_child_sa,
.get_child_sa = _get_child_sa,
.create_child_sa_iterator = _create_child_sa_iterator,
.get_child_count = _get_child_count,
.create_child_sa_enumerator = _create_child_sa_enumerator,
.remove_child_sa = _remove_child_sa,
.rekey_child_sa = _rekey_child_sa,
.delete_child_sa = _delete_child_sa,
.destroy_child_sa = _destroy_child_sa,

100
src/libcharon/sa/ike_sa.h
View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2006-2008 Tobias Brunner
* Copyright (C) 2006-2011 Tobias Brunner
* Copyright (C) 2006 Daniel Roethlisberger
* Copyright (C) 2005-2009 Martin Willi
* Copyright (C) 2005 Jan Hutter
@ -260,14 +260,14 @@ struct ike_sa_t {
*
* Returned ike_sa_id_t object is not getting cloned!
*
* @return ike_sa's ike_sa_id_t
* @return ike_sa's ike_sa_id_t
*/
ike_sa_id_t* (*get_id) (ike_sa_t *this);
/**
* Get the numerical ID uniquely defining this IKE_SA.
*
* @return unique ID
* @return unique ID
*/
u_int32_t (*get_unique_id) (ike_sa_t *this);
@ -474,7 +474,7 @@ struct ike_sa_t {
/**
* Create an iterator over all additional addresses of the peer.
*
* @return iterator over addresses
* @return iterator over addresses
*/
iterator_t* (*create_additional_address_iterator)(ike_sa_t *this);
@ -567,8 +567,8 @@ struct ike_sa_t {
*
* @param mediated_cfg peer_cfg of the mediated connection
* @return
* - SUCCESS if initialization started
* - DESTROY_ME if initialization failed
* - SUCCESS if initialization started
* - DESTROY_ME if initialization failed
*/
status_t (*initiate_mediation) (ike_sa_t *this, peer_cfg_t *mediated_cfg);
@ -579,8 +579,8 @@ struct ike_sa_t {
* @param other remote endpoint (gets cloned)
* @param connect_id connect ID (gets cloned)
* @return
* - SUCCESS if initialization started
* - DESTROY_ME if initialization failed
* - SUCCESS if initialization started
* - DESTROY_ME if initialization failed
*/
status_t (*initiate_mediated) (ike_sa_t *this, host_t *me, host_t *other,
chunk_t connect_id);
@ -597,8 +597,8 @@ struct ike_sa_t {
* @param endpoints endpoints
* @param response TRUE if this is a response
* @return
* - SUCCESS if relay started
* - DESTROY_ME if relay failed
* - SUCCESS if relay started
* - DESTROY_ME if relay failed
*/
status_t (*relay) (ike_sa_t *this, identification_t *requester,
chunk_t connect_id, chunk_t connect_key,
@ -611,8 +611,8 @@ struct ike_sa_t {
*
* @param peer_id ID of the other peer
* @return
* - SUCCESS if response started
* - DESTROY_ME if response failed
* - SUCCESS if response started
* - DESTROY_ME if response failed
*/
status_t (*callback) (ike_sa_t *this, identification_t *peer_id);
@ -624,8 +624,8 @@ struct ike_sa_t {
* @param peer_id ID of the other peer
* @param connect_id the connect ID supplied by the initiator
* @return
* - SUCCESS if response started
* - DESTROY_ME if response failed
* - SUCCESS if response started
* - DESTROY_ME if response failed
*/
status_t (*respond) (ike_sa_t *this, identification_t *peer_id,
chunk_t connect_id);
@ -643,8 +643,8 @@ struct ike_sa_t {
* @param tsi source of triggering packet
* @param tsr destination of triggering packet.
* @return
* - SUCCESS if initialization started
* - DESTROY_ME if initialization failed
* - SUCCESS if initialization started
* - DESTROY_ME if initialization failed
*/
status_t (*initiate) (ike_sa_t *this, child_cfg_t *child_cfg,
u_int32_t reqid, traffic_selector_t *tsi,
@ -658,10 +658,10 @@ struct ike_sa_t {
* the IKE SA gets deleted.
*
* @return
* - SUCCESS if deletion is initialized
* - DESTROY_ME, if the IKE_SA is not in
* an established state and can not be
* deleted (but destroyed).
* - SUCCESS if deletion is initialized
* - DESTROY_ME, if the IKE_SA is not in
* an established state and can not be
* deleted (but destroyed).
*/
status_t (*delete) (ike_sa_t *this);
@ -686,11 +686,11 @@ struct ike_sa_t {
* process_message() return DESTROY_ME. Then the caller must
* destroy the IKE_SA immediatly, as it is unusable.
*
* @param message message to process
* @param message message to process
* @return
* - SUCCESS
* - FAILED
* - DESTROY_ME if this IKE_SA MUST be deleted
* - SUCCESS
* - FAILED
* - DESTROY_ME if this IKE_SA MUST be deleted
*/
status_t (*process_message) (ike_sa_t *this, message_t *message);
@ -700,12 +700,12 @@ struct ike_sa_t {
* This method generates all payloads in the message and encrypts/signs
* the packet.
*
* @param message message to generate
* @param message message to generate
* @param packet generated output packet
* @return
* - SUCCESS
* - FAILED
* - DESTROY_ME if this IKE_SA MUST be deleted
* - SUCCESS
* - FAILED
* - DESTROY_ME if this IKE_SA MUST be deleted
*/
status_t (*generate_message) (ike_sa_t *this, message_t *message,
packet_t **packet);
@ -715,8 +715,8 @@ struct ike_sa_t {
*
* @param message_id ID of the request to retransmit
* @return
* - SUCCESS
* - NOT_FOUND if request doesn't have to be retransmited
* - SUCCESS
* - NOT_FOUND if request doesn't have to be retransmited
*/
status_t (*retransmit) (ike_sa_t *this, u_int32_t message_id);
@ -728,8 +728,8 @@ struct ike_sa_t {
* other traffic was received.
*
* @return
* - SUCCESS
* - DESTROY_ME, if peer did not respond
* - SUCCESS
* - DESTROY_ME, if peer did not respond
*/
status_t (*send_dpd) (ike_sa_t *this);
@ -769,11 +769,25 @@ struct ike_sa_t {
u_int32_t spi, bool inbound);
/**
* Create an iterator over all CHILD_SAs.
* Get the number of CHILD_SAs.
*
* @return iterator
* @return number of CHILD_SAs
*/
iterator_t* (*create_child_sa_iterator) (ike_sa_t *this);
int (*get_child_count) (ike_sa_t *this);
/**
* Create an enumerator over all CHILD_SAs.
*
* @return enumerator
*/
enumerator_t* (*create_child_sa_enumerator) (ike_sa_t *this);
/**
* Remove the CHILD_SA the given enumerator points to from this IKE_SA.
*
* @param enumerator enumerator pointing to CHILD_SA
*/
void (*remove_child_sa) (ike_sa_t *this, enumerator_t *enumerator);
/**
* Rekey the CHILD SA with the specified reqid.
@ -783,8 +797,8 @@ struct ike_sa_t {
* @param protocol protocol of the SA
* @param spi inbound SPI of the CHILD_SA
* @return
* - NOT_FOUND, if IKE_SA has no such CHILD_SA
* - SUCCESS, if rekeying initiated
* - NOT_FOUND, if IKE_SA has no such CHILD_SA
* - SUCCESS, if rekeying initiated
*/
status_t (*rekey_child_sa) (ike_sa_t *this, protocol_id_t protocol, u_int32_t spi);
@ -798,8 +812,8 @@ struct ike_sa_t {
* @param protocol protocol of the SA
* @param spi inbound SPI of the CHILD_SA
* @return
* - NOT_FOUND, if IKE_SA has no such CHILD_SA
* - SUCCESS, if delete message sent
* - NOT_FOUND, if IKE_SA has no such CHILD_SA
* - SUCCESS, if delete message sent
*/
status_t (*delete_child_sa) (ike_sa_t *this, protocol_id_t protocol, u_int32_t spi);
@ -811,8 +825,8 @@ struct ike_sa_t {
* @param protocol protocol of the SA
* @param spi inbound SPI of the CHILD_SA
* @return
* - NOT_FOUND, if IKE_SA has no such CHILD_SA
* - SUCCESS
* - NOT_FOUND, if IKE_SA has no such CHILD_SA
* - SUCCESS
*/
status_t (*destroy_child_sa) (ike_sa_t *this, protocol_id_t protocol, u_int32_t spi);
@ -929,8 +943,8 @@ struct ike_sa_t {
/**
* Creates an ike_sa_t object with a specific ID.
*
* @param ike_sa_id ike_sa_id_t object to associate with new IKE_SA
* @return ike_sa_t object
* @param ike_sa_id ike_sa_id_t object to associate with new IKE_SA
* @return ike_sa_t object
*/
ike_sa_t *ike_sa_create(ike_sa_id_t *ike_sa_id);

14
src/libcharon/sa/ike_sa_manager.c
View File

@ -1134,8 +1134,7 @@ METHOD(ike_sa_manager_t, checkout_by_config, ike_sa_t*,
METHOD(ike_sa_manager_t, checkout_by_id, ike_sa_t*,
private_ike_sa_manager_t *this, u_int32_t id, bool child)
{
enumerator_t *enumerator;
iterator_t *children;
enumerator_t *enumerator, *children;
entry_t *entry;
ike_sa_t *ike_sa = NULL;
child_sa_t *child_sa;
@ -1151,8 +1150,8 @@ METHOD(ike_sa_manager_t, checkout_by_id, ike_sa_t*,
/* look for a child with such a reqid ... */
if (child)
{
children = entry->ike_sa->create_child_sa_iterator(entry->ike_sa);
while (children->iterate(children, (void**)&child_sa))
children = entry->ike_sa->create_child_sa_enumerator(entry->ike_sa);
while (children->enumerate(children, (void**)&child_sa))
{
if (child_sa->get_reqid(child_sa) == id)
{
@ -1188,8 +1187,7 @@ METHOD(ike_sa_manager_t, checkout_by_id, ike_sa_t*,
METHOD(ike_sa_manager_t, checkout_by_name, ike_sa_t*,
private_ike_sa_manager_t *this, char *name, bool child)
{
enumerator_t *enumerator;
iterator_t *children;
enumerator_t *enumerator, *children;
entry_t *entry;
ike_sa_t *ike_sa = NULL;
child_sa_t *child_sa;
@ -1203,8 +1201,8 @@ METHOD(ike_sa_manager_t, checkout_by_name, ike_sa_t*,
/* look for a child with such a policy name ... */
if (child)
{
children = entry->ike_sa->create_child_sa_iterator(entry->ike_sa);
while (children->iterate(children, (void**)&child_sa))
children = entry->ike_sa->create_child_sa_enumerator(entry->ike_sa);
while (children->enumerate(children, (void**)&child_sa))
{
if (streq(child_sa->get_name(child_sa), name))
{

8
src/libcharon/sa/tasks/ike_mobike.c
View File

@ -256,11 +256,11 @@ static void build_cookie(private_ike_mobike_t *this, message_t *message)
*/
static void update_children(private_ike_mobike_t *this)
{
iterator_t *iterator;
enumerator_t *enumerator;
child_sa_t *child_sa;
iterator = this->ike_sa->create_child_sa_iterator(this->ike_sa);
while (iterator->iterate(iterator, (void**)&child_sa))
enumerator = this->ike_sa->create_child_sa_enumerator(this->ike_sa);
while (enumerator->enumerate(enumerator, (void**)&child_sa))
{
if (child_sa->update(child_sa,
this->ike_sa->get_my_host(this->ike_sa),
@ -273,7 +273,7 @@ static void update_children(private_ike_mobike_t *this)
child_sa->get_spi(child_sa, TRUE));
}
}
iterator->destroy(iterator);
enumerator->destroy(enumerator);
}
/**

15
src/libcharon/sa/tasks/ike_reauth.c
View File

@ -57,7 +57,7 @@ static status_t process_i(private_ike_reauth_t *this, message_t *message)
{
ike_sa_t *new;
host_t *host;
iterator_t *iterator;
enumerator_t *enumerator;
child_sa_t *child_sa;
peer_cfg_t *peer_cfg;
@ -67,8 +67,7 @@ static status_t process_i(private_ike_reauth_t *this, message_t *message)
peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa);
/* reauthenticate only if we have children */
iterator = this->ike_sa->create_child_sa_iterator(this->ike_sa);
if (iterator->get_count(iterator) == 0
if (this->ike_sa->get_child_count(this->ike_sa) == 0
#ifdef ME
/* we allow peers to reauth mediation connections (without children) */
&& !peer_cfg->is_mediation(peer_cfg)
@ -76,7 +75,6 @@ static status_t process_i(private_ike_reauth_t *this, message_t *message)
)
{
DBG1(DBG_IKE, "unable to reauthenticate IKE_SA, no CHILD_SA to recreate");
iterator->destroy(iterator);
return FAILED;
}
@ -110,14 +108,15 @@ static status_t process_i(private_ike_reauth_t *this, message_t *message)
}
#endif /* ME */
while (iterator->iterate(iterator, (void**)&child_sa))
enumerator = this->ike_sa->create_child_sa_enumerator(this->ike_sa);
while (enumerator->enumerate(enumerator, (void**)&child_sa))
{
switch (child_sa->get_state(child_sa))
{
case CHILD_ROUTED:
{
/* move routed child directly */
iterator->remove(iterator);
this->ike_sa->remove_child_sa(this->ike_sa, enumerator);
new->add_child_sa(new, child_sa);
break;
}
@ -128,7 +127,7 @@ static status_t process_i(private_ike_reauth_t *this, message_t *message)
child_cfg->get_ref(child_cfg);
if (new->initiate(new, child_cfg, 0, NULL, NULL) == DESTROY_ME)
{
iterator->destroy(iterator);
enumerator->destroy(enumerator);
charon->ike_sa_manager->checkin_and_destroy(
charon->ike_sa_manager, new);
/* set threads active IKE_SA after checkin */
@ -140,7 +139,7 @@ static status_t process_i(private_ike_reauth_t *this, message_t *message)
}
}
}
iterator->destroy(iterator);
enumerator->destroy(enumerator);
charon->ike_sa_manager->checkin(charon->ike_sa_manager, new);
/* set threads active IKE_SA after checkin */
charon->bus->set_sa(charon->bus, this->ike_sa);

10
src/libcharon/sa/tasks/ike_rekey.c
View File

@ -147,8 +147,8 @@ METHOD(task_t, build_i, status_t,
METHOD(task_t, process_r, status_t,
private_ike_rekey_t *this, message_t *message)
{
enumerator_t *enumerator;
peer_cfg_t *peer_cfg;
iterator_t *iterator;
child_sa_t *child_sa;
if (this->ike_sa->get_state(this->ike_sa) == IKE_DELETING)
@ -157,8 +157,8 @@ METHOD(task_t, process_r, status_t,
return NEED_MORE;
}
iterator = this->ike_sa->create_child_sa_iterator(this->ike_sa);
while (iterator->iterate(iterator, (void**)&child_sa))
enumerator = this->ike_sa->create_child_sa_enumerator(this->ike_sa);
while (enumerator->enumerate(enumerator, (void**)&child_sa))
{
switch (child_sa->get_state(child_sa))
{
@ -167,13 +167,13 @@ METHOD(task_t, process_r, status_t,
case CHILD_DELETING:
/* we do not allow rekeying while we have children in-progress */
DBG1(DBG_IKE, "peer initiated rekeying, but a child is half-open");
iterator->destroy(iterator);
enumerator->destroy(enumerator);
return NEED_MORE;
default:
break;
}
}
iterator->destroy(iterator);
enumerator->destroy(enumerator);
this->new_sa = charon->ike_sa_manager->checkout_new(charon->ike_sa_manager,
FALSE);