Added a get_rekey/reauth_time() jitter parameter to get time without randomization
This commit is contained in:
parent
b03c700d08
commit
d08269c700
|
@ -341,13 +341,13 @@ METHOD(peer_cfg_t, get_keyingtries, u_int32_t,
|
||||||
}
|
}
|
||||||
|
|
||||||
METHOD(peer_cfg_t, get_rekey_time, u_int32_t,
|
METHOD(peer_cfg_t, get_rekey_time, u_int32_t,
|
||||||
private_peer_cfg_t *this)
|
private_peer_cfg_t *this, bool jitter)
|
||||||
{
|
{
|
||||||
if (this->rekey_time == 0)
|
if (this->rekey_time == 0)
|
||||||
{
|
{
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (this->jitter_time == 0)
|
if (this->jitter_time == 0 || !jitter)
|
||||||
{
|
{
|
||||||
return this->rekey_time;
|
return this->rekey_time;
|
||||||
}
|
}
|
||||||
|
@ -355,13 +355,13 @@ METHOD(peer_cfg_t, get_rekey_time, u_int32_t,
|
||||||
}
|
}
|
||||||
|
|
||||||
METHOD(peer_cfg_t, get_reauth_time, u_int32_t,
|
METHOD(peer_cfg_t, get_reauth_time, u_int32_t,
|
||||||
private_peer_cfg_t *this)
|
private_peer_cfg_t *this, bool jitter)
|
||||||
{
|
{
|
||||||
if (this->reauth_time == 0)
|
if (this->reauth_time == 0)
|
||||||
{
|
{
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (this->jitter_time == 0)
|
if (this->jitter_time == 0 || !jitter)
|
||||||
{
|
{
|
||||||
return this->reauth_time;
|
return this->reauth_time;
|
||||||
}
|
}
|
||||||
|
|
|
@ -227,18 +227,20 @@ struct peer_cfg_t {
|
||||||
u_int32_t (*get_keyingtries) (peer_cfg_t *this);
|
u_int32_t (*get_keyingtries) (peer_cfg_t *this);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get a time to start rekeying (is randomized with jitter).
|
* Get a time to start rekeying.
|
||||||
*
|
*
|
||||||
|
* @param jitter remove a jitter value to randomize time
|
||||||
* @return time in s when to start rekeying, 0 disables rekeying
|
* @return time in s when to start rekeying, 0 disables rekeying
|
||||||
*/
|
*/
|
||||||
u_int32_t (*get_rekey_time)(peer_cfg_t *this);
|
u_int32_t (*get_rekey_time)(peer_cfg_t *this, bool jitter);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get a time to start reauthentication (is randomized with jitter).
|
* Get a time to start reauthentication.
|
||||||
*
|
*
|
||||||
|
* @param jitter remove a jitter value to randomize time
|
||||||
* @return time in s when to start reauthentication, 0 disables it
|
* @return time in s when to start reauthentication, 0 disables it
|
||||||
*/
|
*/
|
||||||
u_int32_t (*get_reauth_time)(peer_cfg_t *this);
|
u_int32_t (*get_reauth_time)(peer_cfg_t *this, bool jitter);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the timeout of a rekeying/reauthenticating SA.
|
* Get the timeout of a rekeying/reauthenticating SA.
|
||||||
|
|
|
@ -642,7 +642,7 @@ METHOD(ike_sa_t, set_state, void,
|
||||||
|
|
||||||
/* schedule rekeying if we have a time which is smaller than
|
/* schedule rekeying if we have a time which is smaller than
|
||||||
* an already scheduled rekeying */
|
* an already scheduled rekeying */
|
||||||
t = this->peer_cfg->get_rekey_time(this->peer_cfg);
|
t = this->peer_cfg->get_rekey_time(this->peer_cfg, TRUE);
|
||||||
if (t && (this->stats[STAT_REKEY] == 0 ||
|
if (t && (this->stats[STAT_REKEY] == 0 ||
|
||||||
(this->stats[STAT_REKEY] > t + this->stats[STAT_ESTABLISHED])))
|
(this->stats[STAT_REKEY] > t + this->stats[STAT_ESTABLISHED])))
|
||||||
{
|
{
|
||||||
|
@ -651,7 +651,7 @@ METHOD(ike_sa_t, set_state, void,
|
||||||
lib->scheduler->schedule_job(lib->scheduler, job, t);
|
lib->scheduler->schedule_job(lib->scheduler, job, t);
|
||||||
DBG1(DBG_IKE, "scheduling rekeying in %ds", t);
|
DBG1(DBG_IKE, "scheduling rekeying in %ds", t);
|
||||||
}
|
}
|
||||||
t = this->peer_cfg->get_reauth_time(this->peer_cfg);
|
t = this->peer_cfg->get_reauth_time(this->peer_cfg, TRUE);
|
||||||
if (t && (this->stats[STAT_REAUTH] == 0 ||
|
if (t && (this->stats[STAT_REAUTH] == 0 ||
|
||||||
(this->stats[STAT_REAUTH] > t + this->stats[STAT_ESTABLISHED])))
|
(this->stats[STAT_REAUTH] > t + this->stats[STAT_ESTABLISHED])))
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in New Issue