Signed-off-by: Reuben Dowle <reuben.dowle@4rf.com>
{
struct nhrp_interface *nifp = ifp->info;
{
struct nhrp_interface *nifp = ifp->info;
- if (nifp->ipsec_profile)
- {
+ if (nifp->ipsec_profile) {
vici_terminate_vc_by_profile_name(nifp->ipsec_profile);
free(nifp->ipsec_profile);
}
nifp->ipsec_profile = profile ? strdup(profile) : NULL;
vici_terminate_vc_by_profile_name(nifp->ipsec_profile);
free(nifp->ipsec_profile);
}
nifp->ipsec_profile = profile ? strdup(profile) : NULL;
- if (nifp->ipsec_fallback_profile)
- {
+ if (nifp->ipsec_fallback_profile) {
vici_terminate_vc_by_profile_name(nifp->ipsec_fallback_profile);
free(nifp->ipsec_fallback_profile);
}
vici_terminate_vc_by_profile_name(nifp->ipsec_fallback_profile);
free(nifp->ipsec_fallback_profile);
}
- if (r->timeout > 64)
- {
- //Remove the ipsec connection if it is there, it can get re-established later
- if(r->peer && r->peer->vc && r->peer->vc->ike_uniqueid)
- {
- debugf(NHRP_DEBUG_COMMON, "Terminating IPSec Connection for %d\n", r->peer->vc->ike_uniqueid);
+ if (r->timeout > 64) {
+ /* If registration fails repeatedly, this may be because the
+ * IPSec connection is not working. Close the connection so it
+ * can be re-established correctly
+ */
+ if (r->peer && r->peer->vc && r->peer->vc->ike_uniqueid) {
+ debugf(NHRP_DEBUG_COMMON,
+ "Terminating IPSec Connection for %d\n",
+ r->peer->vc->ike_uniqueid);
vici_terminate_vc_by_ike_id(r->peer->vc->ike_uniqueid);
r->peer->vc->ike_uniqueid = 0;
}
vici_terminate_vc_by_ike_id(r->peer->vc->ike_uniqueid);
r->peer->vc->ike_uniqueid = 0;
}
void vici_terminate_vc_by_profile_name(char *profile_name)
{
struct vici_conn *vici = &vici_connection;
void vici_terminate_vc_by_profile_name(char *profile_name)
{
struct vici_conn *vici = &vici_connection;
vici_submit_request(vici, "terminate", VICI_KEY_VALUE, "ike",
strlen(profile_name), profile_name, VICI_END);
}
vici_submit_request(vici, "terminate", VICI_KEY_VALUE, "ike",
strlen(profile_name), profile_name, VICI_END);
}
void vici_terminate_vc_by_ike_id(unsigned int ike_id)
{
struct vici_conn *vici = &vici_connection;
void vici_terminate_vc_by_ike_id(unsigned int ike_id)
{
struct vici_conn *vici = &vici_connection;
- char ike_id_str[10]={0};
snprintf(ike_id_str, sizeof(ike_id_str), "%d", ike_id);
vici_submit_request(vici, "terminate", VICI_KEY_VALUE, "ike-id",
strlen(ike_id_str), ike_id_str, VICI_END);
snprintf(ike_id_str, sizeof(ike_id_str), "%d", ike_id);
vici_submit_request(vici, "terminate", VICI_KEY_VALUE, "ike-id",
strlen(ike_id_str), ike_id_str, VICI_END);