From 9645c87adbfcbfba2ace8a51a5df31448512112c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20Ter=C3=A4s?=
Date: Fri, 5 Jun 2015 10:19:38 +0300
Subject: [PATCH] kernel-netlink: ignore ports for gre protocol
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Netlink supports matching a grekey from using the port data. But charon does not handle grekey negotiation currently, so just ignore them for now.
Signed-off-by: Timo Teräs
---
 src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
index f22e07d..5ce6b32 100644
--- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
+++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
@@ -754,6 +754,11 @@ static struct xfrm_selector ts2selector(traffic_selector_t *src,
 sel.sport = htons(port & 0xff);
 sel.dport = htons(port >> 8);
 }
+ else if (sel.proto == IPPROTO_GRE)
+ {
+ sel.sport = sel.dport = 0;
+ sel.sport_mask = sel.dport_mask = 0;
+ }
 sel.ifindex = 0;
 sel.user = 0;
--
2.4.2
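Review bot: The new `IPPROTO_GRE` branch clears `sel.sport`/`sel.dport` and both masks with no comment, so nothing in ts2selector records that any port values carried by the traffic selector are deliberately discarded. A zero mask is a wildcard, so a selector that was restricted by port (the field the kernel would read as a GRE key, per the commit message) yields a kernel selector that matches GRE traffic regardless of key; that is probably acceptable while charon cannot negotiate keys, but it is a widening of what was configured and should be stated where the next reader will see it. I would add above the two assignments `/* charon does not negotiate GRE keys; wildcard the ports so the kernel does not match them as a grekey */`. The function starts before and continues past this hunk, and the `if` that this `else if` attaches to is not visible, so I am assuming it is the ICMP type/code case whose last two assignments appear as context.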