author | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2012-05-29 15:09:13 +0000 |
---|---|---|
committer | Mike Belopuhov <mikeb@cvs.openbsd.org> | 2012-05-29 15:09:13 +0000 |
commit | 698e0023fa1a7b4f5ee9538ebddb2382616a5d12 (patch) | |
tree | 3bd6e90dcf38aaa7aa831d1b82393603a590b47f /sbin/iked | |
parent | 3bec1f9ae8a78638c50da292ba007f063c667b93 (diff) |
improve timer framework; will be needed soon
Diffstat (limited to 'sbin/iked')
-rw-r--r-- | sbin/iked/iked.h | 20 | ||||
-rw-r--r-- | sbin/iked/ikev2.c | 30 | ||||
-rw-r--r-- | sbin/iked/ikev2_pld.c | 5 | ||||
-rw-r--r-- | sbin/iked/timer.c | 86 |
4 files changed, 56 insertions, 85 deletions
diff --git a/sbin/iked/iked.h b/sbin/iked/iked.h
index 8fb79c40076..8ad1c618d36 100644
--- a/sbin/iked/iked.h
+++ b/sbin/iked/iked.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: iked.h,v 1.44 2012/05/23 14:54:04 mikeb Exp $ */
+/* $OpenBSD: iked.h,v 1.45 2012/05/29 15:09:12 mikeb Exp $ */
 /* $vantronix: iked.h,v 1.61 2010/06/03 07:57:33 reyk Exp $ */
 /*
@@ -97,6 +97,13 @@ enum privsep_procid privsep_process;
 * Runtime structures
 */
+struct iked_timer {
+ struct event tmr_ev;
+ struct iked *tmr_env;
+ void (*tmr_cb)(struct iked *, void *);
+ void *tmr_cbarg;
+};
+
 struct iked_spi {
 u_int64_t spi;
 u_int8_t spi_size;
@@ -500,6 +507,10 @@ struct iked {
 struct iked_socket *sc_sock4;
 struct iked_socket *sc_sock6;
+ struct iked_timer sc_inittmr;
+#define IKED_INITIATOR_INITIAL 2
+#define IKED_INITIATOR_INTERVAL 60
+
 struct privsep sc_ps;
 };
@@ -644,7 +655,7 @@ pid_t ikev1(struct privsep *, struct privsep_proc *);
 /* ikev2.c */
 pid_t ikev2(struct privsep *, struct privsep_proc *);
 void ikev2_recv(struct iked *, struct iked_message *);
-int ikev2_init_ike_sa(struct iked *, struct iked_policy *);
+void ikev2_init_ike_sa(struct iked *, void *);
 int ikev2_sa_negotiate(struct iked_sa *, struct iked_proposals *, struct iked_proposals *);
 int ikev2_policy2id(struct iked_static_id *, struct iked_id *, int);
@@ -737,9 +748,8 @@ char *ca_asn1_name(u_int8_t *, size_t);
 char *ca_x509_name(void *);
 /* timer.c */
-void timer_register_initiator(struct iked *,
- int (*)(struct iked *, struct iked_policy *));
-void timer_unregister_initiator(struct iked *);
+void timer_register(struct iked_timer *, struct iked *,
+ void (*)(struct iked *, void *), void *, int);
 /* proc.c */
 void proc_init(struct privsep *, struct privsep_proc *, u_int);
diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c
index bb60ee0f7fe..bf18849dd59 100644
--- a/sbin/iked/ikev2.c
+++ b/sbin/iked/ikev2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ikev2.c,v 1.61 2012/05/23 16:23:01 mikeb Exp $ */
+/* $OpenBSD: ikev2.c,v 1.62 2012/05/29 15:09:12 mikeb Exp $ */
 /* $vantronix: ikev2.c,v 1.101 2010/06/03 07:57:33 reyk Exp $ */
 /*
@@ -129,7 +129,8 @@ ikev2_dispatch_parent(int fd, struct privsep_proc *p, struct imsg *imsg)
 case IMSG_CTL_PASSIVE:
 if (config_getmode(env, imsg->hdr.type) == -1)
 return (0); /* ignore error */
- timer_register_initiator(env, ikev2_init_ike_sa);
+ timer_register(&env->sc_inittmr, env, ikev2_init_ike_sa, NULL,
+ IKED_INITIATOR_INITIAL);
 return (0);
 case IMSG_UDP_SOCKET:
 return (config_getsocket(env, imsg, ikev2_msg_cb));
@@ -623,10 +624,29 @@ ikev2_init_recv(struct iked *env, struct iked_message *msg,
 }
 }
-int
-ikev2_init_ike_sa(struct iked *env, struct iked_policy *pol)
+void
+ikev2_init_ike_sa(struct iked *env, void *arg)
 {
- return (ikev2_init_ike_sa_peer(env, pol, &pol->pol_peer));
+ struct iked_policy *pol;
+
+ TAILQ_FOREACH(pol, &env->sc_policies, pol_entry) {
+ if ((pol->pol_flags & IKED_POLICY_ACTIVE) == 0)
+ continue;
+ if (sa_peer_lookup(pol, &pol->pol_peer.addr) != NULL) {
+ log_debug("%s: \"%s\" is already active",
+ __func__, pol->pol_name);
+ continue;
+ }
+
+ log_debug("%s: initiating \"%s\"", __func__, pol->pol_name);
+
+ if (ikev2_init_ike_sa_peer(env, pol, &pol->pol_peer))
+ log_debug("%s: failed to initiate with peer %s",
+ __func__, print_host(&pol->pol_peer.addr, NULL, 0));
+ }
+
+ timer_register(&env->sc_inittmr, env, ikev2_init_ike_sa, NULL,
+ IKED_INITIATOR_INTERVAL);
 }
 int
diff --git a/sbin/iked/ikev2_pld.c b/sbin/iked/ikev2_pld.c
index 7ef3429b09c..4943ea4292d 100644
--- a/sbin/iked/ikev2_pld.c
+++ b/sbin/iked/ikev2_pld.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ikev2_pld.c,v 1.23 2012/05/07 10:58:38 mikeb Exp $ */
+/* $OpenBSD: ikev2_pld.c,v 1.24 2012/05/29 15:09:12 mikeb Exp $ */
 /* $vantronix: ikev2.c,v 1.101 2010/06/03 07:57:33 reyk Exp $ */
 /*
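Review bot: In ikev2_dispatch_parent's IMSG_CTL_PASSIVE case the initiator timer is now armed unconditionally, whereas the removed timer_register_initiator() in timer.c returned early on `env->sc_passive`; nothing visible in the new code stops a daemon that has just been switched to passive mode from initiating IKE SAs. The same applies to the call in ikev2_pld_notify (ikev2_pld.c) and to the re-arm at the end of ikev2_init_ike_sa. A guard at the top of the callback, `if (env->sc_passive) return;`, would cover all three paths and also stop the periodic re-arm while passive. The enclosing switch starts outside this hunk, so confirm that no earlier check already handles the mode.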
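Review bot: ikev2_init_ike_sa reports a failed initiation only through `log_debug`, which is presumably visible only in verbose runs, so a policy whose SA never comes up is retried every IKED_INITIATOR_INTERVAL seconds with nothing for an operator to alert on. Consider `log_warnx("%s: failed to initiate with peer %s", ...)` for that branch. The new `arg` parameter is never read; a comment above the function such as `/* Timer callback: initiate every active policy that has no SA yet, then re-arm; arg is unused. */` would explain the changed signature.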
@@ -705,7 +705,8 @@ ikev2_pld_notify(struct iked *env, struct ikev2_payload *pld,
 group);
 sa_free(env, msg->msg_sa);
 msg->msg_sa = NULL;
- timer_register_initiator(env, ikev2_init_ike_sa);
+ timer_register(&env->sc_inittmr, env, ikev2_init_ike_sa, NULL,
+ IKED_INITIATOR_INITIAL);
 break;
 case IKEV2_N_NO_ADDITIONAL_SAS:
 /* This makes sense for Child SAs only atm */
diff --git a/sbin/iked/timer.c b/sbin/iked/timer.c
index 244900661be..916b79d1fe8 100644
--- a/sbin/iked/timer.c
+++ b/sbin/iked/timer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: timer.c,v 1.5 2011/05/27 12:01:02 reyk Exp $ */
+/* $OpenBSD: timer.c,v 1.6 2012/05/29 15:09:12 mikeb Exp $ */
 /*
 * Copyright (c) 2010 Reyk Floeter <reyk@vantronix.net>
@@ -32,86 +32,26 @@
 #include "iked.h"
-struct timer_cbarg {
- int tmr_active;
- struct event tmr_ev;
- struct iked *tmr_env;
- struct timeval tmr_first;
- struct timeval tmr_last;
- struct timeval tmr_tv;
- int (*tmr_initcb)(struct iked *, struct iked_policy *);
-} timer_initiator;
-
-void timer_initiator_cb(int, short, void *);
-
-#define IKED_TIMER_INITIATOR_INITIAL 2
-#define IKED_TIMER_INITIATOR_INTERVAL 60
+void timer_callback(int, short, void *);
 void
-timer_register_initiator(struct iked *env,
- int (*cb)(struct iked *, struct iked_policy *))
+timer_register(struct iked_timer *tmr, struct iked *env,
+ void (*cb)(struct iked *, void *), void *arg, int timeout)
 {
- struct timer_cbarg *tmr;
-
- timer_unregister_initiator(env);
-
- if (env->sc_passive)
- return;
-
- tmr = &timer_initiator;
- gettimeofday(&tmr->tmr_first, NULL);
- gettimeofday(&tmr->tmr_last, NULL);
+ struct timeval tv = { timeout };
 tmr->tmr_env = env;
- tmr->tmr_initcb = cb;
- tmr->tmr_active = 1;
- evtimer_set(&tmr->tmr_ev, timer_initiator_cb, tmr);
-
- tmr->tmr_tv.tv_sec = IKED_TIMER_INITIATOR_INITIAL;
- tmr->tmr_tv.tv_usec = 0;
- evtimer_add(&tmr->tmr_ev, &tmr->tmr_tv);
-}
-
-void
-timer_unregister_initiator(struct iked *env)
-{
- struct timer_cbarg *tmr;
-
- tmr = &timer_initiator;
- if (!tmr->tmr_active)
- return;
-
- event_del(&tmr->tmr_ev);
- bzero(tmr, sizeof(*tmr));
+ tmr->tmr_cb = cb;
+ tmr->tmr_cbarg = arg;
+ evtimer_set(&tmr->tmr_ev, timer_callback, tmr);
+ evtimer_add(&tmr->tmr_ev, &tv);
 }
 void
-timer_initiator_cb(int fd, short event, void *arg)
+timer_callback(int fd, short event, void *arg)
 {
- struct timer_cbarg *tmr = arg;
- struct iked *env = tmr->tmr_env;
- struct iked_policy *pol;
-
- gettimeofday(&tmr->tmr_last, NULL);
-
- TAILQ_FOREACH(pol, &env->sc_policies, pol_entry) {
- if ((pol->pol_flags & IKED_POLICY_ACTIVE) == 0)
- continue;
- if (sa_peer_lookup(pol, &pol->pol_peer.addr) != NULL) {
- log_debug("%s: \"%s\" is already active",
- __func__, pol->pol_name);
- continue;
- }
-
- log_debug("%s: initiating \"%s\"", __func__, pol->pol_name);
-
- if (tmr->tmr_initcb != NULL) {
- /* Ignore error but what should we do on failure? */
- (void)tmr->tmr_initcb(env, pol);
- }
- }
+ struct iked_timer *tmr = arg;
- tmr->tmr_tv.tv_sec = IKED_TIMER_INITIATOR_INTERVAL;
- tmr->tmr_tv.tv_usec = 0;
- evtimer_add(&tmr->tmr_ev, &tmr->tmr_tv);
+ if (tmr->tmr_cb)
+ tmr->tmr_cb(tmr->tmr_env, tmr->tmr_cbarg);
 } |
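Review bot: timer_register() calls `evtimer_set()` on `tmr->tmr_ev` without first removing a pending event, whereas the removed code ran timer_unregister_initiator(), and so `event_del()`, before re-arming. ikev2_dispatch_parent and ikev2_pld_notify both register `env->sc_inittmr` while the re-arm queued by ikev2_init_ike_sa may still be pending, and re-initialising an event that is still queued is not safe with libevent. Adding `if (evtimer_initialized(&tmr->tmr_ev) && evtimer_pending(&tmr->tmr_ev, NULL))` followed by `evtimer_del(&tmr->tmr_ev);` before the `evtimer_set()` call would restore the old behaviour, assuming the timer struct starts out zeroed. The commit also removes the only unregister function, so callers are left with no way to cancel a timer.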