Пример #1
/*
 * Drop one reference to SA.  Once the count reaches zero, everything the
 * SA owns is released and the SA itself is freed, so a caller must not
 * touch SA after this call unless it still holds a reference of its own.
 */
void
sa_release(struct sa *sa)
{
	struct proto   *p;
	struct cert_handler *ch;

	LOG_DBG((LOG_SA, 80, "sa_release: SA %p had %d references",
	    sa, sa->refcnt));

	/*
	 * NOTE(review): the decrement is unconditional and there is no
	 * underflow check.  An unbalanced release on a count that is already
	 * zero leaves a non-zero value behind, so the SA would not be freed
	 * on this path.
	 */
	sa->refcnt--;
	if (sa->refcnt != 0)
		return;

	LOG_DBG((LOG_SA, 60, "sa_release: freeing SA %p", sa));

	/*
	 * Drain the protocol list from its head.  This terminates only if
	 * proto_free() unlinks the entry it is given -- presumably it does;
	 * confirm against proto_free().
	 */
	for (p = TAILQ_FIRST(&sa->protos); p != NULL;
	    p = TAILQ_FIRST(&sa->protos))
		proto_free(p);

	/* The DOI hook, when one is set, runs before the container is freed. */
	if (sa->data != NULL) {
		if (sa->doi != NULL && sa->doi->free_sa_data != NULL)
			sa->doi->free_sa_data(sa->data);
		free(sa->data);
	}
	free(sa->id_i);
	free(sa->id_r);

	/*
	 * Certificates are freed through the handler looked up for their
	 * type.  When cert_get() returns no handler the certificate is left
	 * allocated.
	 */
	if (sa->recv_cert != NULL) {
		ch = cert_get(sa->recv_certtype);
		if (ch != NULL)
			ch->cert_free(sa->recv_cert);
	}
	if (sa->sent_cert != NULL) {
		ch = cert_get(sa->sent_certtype);
		if (ch != NULL)
			ch->cert_free(sa->sent_cert);
	}
	if (sa->recv_key != NULL)
		key_free(sa->recv_keytype, ISAKMP_KEYTYPE_PUBLIC,
		    sa->recv_key);
	free(sa->keynote_key);	/* This is just a string */
	if (sa->policy_id != -1)
		kn_close(sa->policy_id);
	free(sa->name);
	/*
	 * NOTE(review): keystate goes straight to free(); if it can hold key
	 * material, nothing here clears it first -- confirm.
	 */
	free(sa->keystate);

	/*
	 * Pending keepalive and DPD timers are cancelled before the SA memory
	 * goes away, presumably so no callback runs with a pointer to the
	 * freed SA.
	 */
	if (sa->nat_t_keepalive != NULL)
		timer_remove_event(sa->nat_t_keepalive);
	if (sa->dpd_event != NULL)
		timer_remove_event(sa->dpd_event);
	if (sa->transport != NULL)
		transport_release(sa->transport);
	free(sa->tag);
	free(sa);
}
Пример #2
/*
 * Renegotiate active connections: soft-expire every established phase 2
 * SA that has no exchange in progress.  Does nothing unless the
 * "Renegotiate-on-HUP" tag is present in the "General" section; only the
 * presence of the tag is checked, not its value.
 */
void
sa_reinit(void)
{
	struct sa      *cur;
	int             bucket;

	/* For now; only do this if we have the proper tag configured.  */
	if (conf_get_str("General", "Renegotiate-on-HUP") == NULL)
		return;

	LOG_DBG((LOG_SA, 30, "sa_reinit: renegotiating active connections"));

	/*
	 * Get phase 2 SAs. Soft expire those without active exchanges.  Do
	 * not touch a phase 2 SA where the soft expiration is not set, ie.
	 * the SA is not yet established.
	 *
	 * NOTE(review): the walk reads LIST_NEXT(cur, link) after
	 * sa_soft_expire(cur) has run, so it is only safe while that call
	 * leaves the SA allocated and linked in sa_tab -- confirm.
	 */
	for (bucket = 0; bucket <= bucket_mask; bucket++) {
		for (cur = LIST_FIRST(&sa_tab[bucket]); cur != NULL;
		    cur = LIST_NEXT(cur, link)) {
			if (cur->phase != 2)
				continue;
			if (exchange_lookup_by_name(cur->name,
			    cur->phase) != 0 || cur->soft_death == NULL)
				continue;

			/* Cancel the pending timer, then expire by hand. */
			timer_remove_event(cur->soft_death);
			sa_soft_expire(cur);
		}
	}
}
Пример #3
/*
 * Release all resources this SA is using: cancel its pending timers,
 * clear the event pointers and hand the SA to sa_remove().
 *
 * NOTE(review): the two expiry timers are each paired with a direct
 * refcnt decrement, presumably because a pending timer holds a reference
 * on the SA.  The count is lowered here without going through
 * sa_release(), so its zero check does not run at these points; the SA
 * stays valid for sa_remove() only if another reference is still held --
 * confirm against sa_remove().
 */
void
sa_free(struct sa *sa)
{
	/* Hard expiry timer. */
	if (sa->death != NULL) {
		timer_remove_event(sa->death);
		sa->death = NULL;
		sa->refcnt--;
	}

	/* Soft expiry timer. */
	if (sa->soft_death != NULL) {
		timer_remove_event(sa->soft_death);
		sa->soft_death = NULL;
		sa->refcnt--;
	}

	/* The DPD timer is cancelled without touching the count. */
	if (sa->dpd_event != NULL) {
		timer_remove_event(sa->dpd_event);
		sa->dpd_event = NULL;
	}

	sa_remove(sa);
}
Пример #4
/*
 * Mark SA as replaced: cancel a pending DPD timer, if any, and set
 * SA_FLAG_REPLACED in the SA's flags.  The SA itself is not freed here.
 */
void
sa_mark_replaced(struct sa *sa)
{
	LOG_DBG((LOG_SA, 60, "sa_mark_replaced: SA %p (%s) marked as replaced",
	    sa, sa->name != NULL ? sa->name : "unnamed"));

	/* Clear the pointer once the event is removed so it is not reused. */
	if (sa->dpd_event != NULL) {
		timer_remove_event(sa->dpd_event);
		sa->dpd_event = NULL;
	}

	sa->flags = sa->flags | SA_FLAG_REPLACED;
}
Пример #5
/*
 * Schedule ui_conn_reinit_event to run five seconds from now.  An event
 * that is already pending is cancelled first, so at most one is tracked
 * in ui_cr_event.  If scheduling fails, the failure is logged and
 * ui_cr_event holds the failed result.
 */
static void
ui_conn_reinit(void)
{
	enum { REINIT_DELAY_SECS = 5 };
	struct timeval when;

	if (ui_cr_event != NULL)
		timer_remove_event(ui_cr_event);

	/* NOTE(review): the return value of gettimeofday() is not checked. */
	gettimeofday(&when, NULL);
	when.tv_sec += REINIT_DELAY_SECS;

	ui_cr_event = timer_add_event("ui_conn_reinit", ui_conn_reinit_event,
	    0, &when);
	if (ui_cr_event == NULL) {
		log_print("ui_conn_reinit: timer_add_event() failed. "
		    "Connections will not be updated.");
	}
}