timer.c

This a good VPN source

			break;
		    default:
			break;
		    }
		    loglog(RC_NORETRANSMISSION
			, "max number of retransmissions (%d) reached %s%s"
			, st->st_retransmit
			, enum_show(&state_names, st->st_state), details);
		    if (try != 0 && try != try_limit)
		    {
			/* A lot like EVENT_SA_REPLACE, but over again.
			 * Since we know that st cannot be in use,
			 * we can delete it right away.
			 */
			char story[80];	/* arbitrary limit */

			try++;
			snprintf(story, sizeof(story), try_limit == 0
			    ? "starting keying attempt %ld of an unlimited number"
			    : "starting keying attempt %ld of at most %ld"
			    , try, try_limit);

			if (st->st_whack_sock != NULL_FD)
			{
			    /* Release whack because the observer will get bored. */
			    loglog(RC_COMMENT, "%s, but releasing whack"
				, story);
			    release_pending_whacks(st, story);
			}
			else
			{
			    /* no whack: just log to syslog */
			    openswan_log("%s", story);
			}
			ipsecdoi_replace(st, try);
		    }
		    delete_state(st);
		}
	    }
	    break;

	case EVENT_SA_REPLACE:
	case EVENT_SA_REPLACE_IF_USED:
	    {
		so_serial_t newest = IS_PHASE1(st->st_state)
		    ? c->newest_isakmp_sa : c->newest_ipsec_sa;

		if (newest != st->st_serialno
		&& newest != SOS_NOBODY)
		{
		    /* not very interesting: no need to replace */
		    DBG(DBG_LIFECYCLE
			, openswan_log("not replacing stale %s SA: #%lu will do"
			    , IS_PHASE1(st->st_state)? "ISAKMP" : "IPsec"
			    , newest));
		}
		else if (type == EVENT_SA_REPLACE_IF_USED
		&& st->st_outbound_time <= tm - c->sa_rekey_margin)
		{
		    /* we observed no recent use: no need to replace
		     *
		     * The sampling effects mean that st_outbound_time
		     * could be up to SHUNT_SCAN_INTERVAL more recent
		     * than actual traffic because the sampler looks at change
		     * over that interval.
		     * st_outbound_time could also not yet reflect traffic
		     * in the last SHUNT_SCAN_INTERVAL.
		     * We expect that SHUNT_SCAN_INTERVAL is smaller than
		     * c->sa_rekey_margin so that the effects of this will
		     * be unimportant.
		     * This is just an optimization: correctness is not
		     * at stake.
		     *
		     * Note: we are abusing the DBG mechanism to control
		     * normal log output.
		     */
		    DBG(DBG_LIFECYCLE
			, openswan_log("not replacing stale %s SA: inactive for %lus"
			    , IS_PHASE1(st->st_state)? "ISAKMP" : "IPsec"
			    , (unsigned long)(tm - st->st_outbound_time)));
		}
		else
		{
		    DBG(DBG_LIFECYCLE
			, openswan_log("replacing stale %s SA"
			    , IS_PHASE1(st->st_state)? "ISAKMP" : "IPsec"));
		    ipsecdoi_replace(st, 1);
		}
		delete_dpd_event(st);
		event_schedule(EVENT_SA_EXPIRE, st->st_margin, st);
	    }
	    break;

	case EVENT_SA_EXPIRE:
	    {
		const char *satype;
		so_serial_t latest;

		if (IS_PHASE1(st->st_state))
		{
		    satype = "ISAKMP";
		    latest = c->newest_isakmp_sa;
		}
		else
		{
		    satype = "IPsec";
		    latest = c->newest_ipsec_sa;
		}

		if (st->st_serialno != latest)
		{
		    /* not very interesting: already superseded */
		    DBG(DBG_LIFECYCLE
			, openswan_log("%s SA expired (superseded by #%lu)"
			    , satype, latest));
		}
		else
		{
		    openswan_log("%s SA expired (%s)", satype
			, (c->policy & POLICY_DONT_REKEY)
			    ? "--dontrekey"
			    : "LATEST!"
			);
		}
	    }
	    /* FALLTHROUGH */
	case EVENT_SO_DISCARD:
	    /* Delete this state object.  It must be in the hash table. */
	    delete_state(st);
	    break;

        case EVENT_DPD:
            dpd_event(st);
            break;
	    
        case EVENT_DPD_TIMEOUT:
            dpd_timeout(st);
            break;


#ifdef NAT_TRAVERSAL
	case EVENT_NAT_T_KEEPALIVE:
	    nat_traversal_ka_event();
	    break;
#endif
	    
        case EVENT_CRYPTO_FAILED:
	    DBG(DBG_CONTROL
		, DBG_log("event crypto_failed on state #%lu, aborting"
			  , st->st_serialno));
	    delete_state(st);
	    break;
	    

	default:
	    loglog(RC_LOG_SERIOUS, "INTERNAL ERROR: ignoring unknown expiring event %s"
		, enum_show(&timer_event_names, type));
    }

    pfree(ev);
    reset_cur_state();
}

/*
 * Return the time until the next event in the queue
 * expires (never negative), or -1 if no jobs in queue.
 */
long
next_event(void)
{
    time_t tm;

    if (evlist == (struct event *) NULL)
	return -1;

    tm = now();

    DBG(DBG_CONTROL,
	if (evlist->ev_state == NULL)
	    DBG_log("next event %s in %ld seconds"
		, enum_show(&timer_event_names, evlist->ev_type)
		, (long)evlist->ev_time - (long)tm);
	else
	    DBG_log("next event %s in %ld seconds for #%lu"
		, enum_show(&timer_event_names, evlist->ev_type)
		, (long)evlist->ev_time - (long)tm
		, evlist->ev_state->st_serialno));

    if (evlist->ev_time - tm <= 0)
	return 0;
    else
	return evlist->ev_time - tm;
}

/*
 * Delete an event.
 */
void
delete_event(struct state *st)
{
    if (st->st_event != (struct event *) NULL)
    {
	struct event **ev;

	for (ev = &evlist; ; ev = &(*ev)->ev_next)
	{
	    if (*ev == NULL)
	    {
		DBG(DBG_CONTROL, DBG_log("event %s to be deleted not found",
		    enum_show(&timer_event_names, st->st_event->ev_type)));
		break;
	    }
	    if ((*ev) == st->st_event)
	    {
		*ev = (*ev)->ev_next;

		if (st->st_event->ev_type == EVENT_RETRANSMIT)
		    st->st_retransmit = 0;
		pfree(st->st_event);
		st->st_event = (struct event *) NULL;

		break;
	    }
	}
    }
}


/*
 * Delete a DPD event.
 */
void
_delete_dpd_event(struct state *st, const char *file, int lineno)
{
    DBG(DBG_DPD|DBG_CONTROL
	, DBG_log("state: %ld requesting event %s to be deleted by %s:%d"
		  , st->st_serialno
		  , (st->st_dpd_event!=NULL
		   ? enum_show(&timer_event_names, st->st_dpd_event->ev_type)
		   : "none")
		  , file, lineno));
  
    if (st->st_dpd_event != (struct event *) NULL)
    {
        struct event **ev;

        for (ev = &evlist; ; ev = &(*ev)->ev_next)
        {
            if (*ev == NULL)
            {
                DBG(DBG_DPD|DBG_CONTROL
		    , DBG_log("event %s to be deleted not found",
			      enum_show(&timer_event_names
					, st->st_dpd_event->ev_type)));
                break;
            }
            if ((*ev) == st->st_dpd_event)
            {
                *ev = (*ev)->ev_next;
                pfree(st->st_dpd_event);
                st->st_dpd_event = (struct event *) NULL;
                break;
            }
        }
    }
}

/*
 * dump list of events to whacklog
 */
void
timer_list(void)
{
    time_t tm;
    struct event *ev = evlist;
    int type;
    struct state *st;

    if (ev == (struct event *) NULL)    /* Just paranoid */
    {
	whack_log(RC_LOG, "no events are queued");
	return;
    }

    tm = now();

    whack_log(RC_LOG, "It is now: %ld seconds since epoch", (unsigned long)tm);

    while(ev) {
	type = ev->ev_type;
	st = ev->ev_state;

	whack_log(RC_LOG, "event %s is schd: %ld (in %lds) state:%ld"
		  , enum_show(&timer_event_names, type)
		  , (unsigned long)ev->ev_time
		  , (unsigned long)(ev->ev_time - tm)
		  , st != NULL ? (long signed)st->st_serialno : -1);

	if(st && st->st_connection) {
	    whack_log(RC_LOG, "    connection: \"%s\"", st->st_connection->name);
	}

	ev = ev->ev_next;
    }
}


/*
 * Local Variables:
 * c-basic-offset:4
 * c-style: pluto
 * End:
 */