diff options
| author | Reto Buerki <reet@codelabs.ch> | 2012-09-11 18:32:50 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2013-03-19 15:23:47 +0100 |
| commit | 6c237edb9a23d521cd0e32838a6441c73361dd63 (patch) | |
| tree | 4cb897a468d9260b87d5e7b96c05f3505c42eb0d | |
| parent | a642e3ba27dcc21c0ead3aa7c8980375f5ae2685 (diff) | |
| download | strongswan-6c237edb9a23d521cd0e32838a6441c73361dd63.tar.bz2 strongswan-6c237edb9a23d521cd0e32838a6441c73361dd63.tar.xz | |
Remove netlink proxy from TKM kernel interface
The TKM is now able to manage simple child SAs, so there is no need for
the netlink proxy anymore.
| -rw-r--r-- | src/charon-tkm/src/tkm/tkm_kernel_ipsec.c | 46 |
1 files changed, 10 insertions, 36 deletions
diff --git a/src/charon-tkm/src/tkm/tkm_kernel_ipsec.c b/src/charon-tkm/src/tkm/tkm_kernel_ipsec.c index 9eac308b6..3a58e23fe 100644 --- a/src/charon-tkm/src/tkm/tkm_kernel_ipsec.c +++ b/src/charon-tkm/src/tkm/tkm_kernel_ipsec.c @@ -18,7 +18,7 @@ #include <netinet/udp.h> #include <linux/xfrm.h> #include <utils/debug.h> -#include <plugins/kernel_netlink/kernel_netlink_ipsec.h> +#include <utils/chunk.h> #include <tkm/constants.h> #include <tkm/client.h> @@ -39,11 +39,6 @@ struct private_tkm_kernel_ipsec_t { tkm_kernel_ipsec_t public; /** - * Kernel interface proxy (will be removed). - */ - kernel_netlink_ipsec_t *proxy; - - /** * Local CHILD SA SPI. */ uint32_t esp_spi_loc; @@ -55,8 +50,9 @@ METHOD(kernel_ipsec_t, get_spi, status_t, u_int8_t protocol, u_int32_t reqid, u_int32_t *spi) { DBG1(DBG_KNL, "getting SPI for reqid {%u}", reqid); - return this->proxy->interface.get_spi(&this->proxy->interface, src, dst, - protocol, reqid, spi); + /* fake SPI for now */ + *spi = 92726226; + return SUCCESS; } METHOD(kernel_ipsec_t, get_cpi, status_t, @@ -78,11 +74,6 @@ METHOD(kernel_ipsec_t, add_sa, status_t, { DBG1(DBG_KNL, "store local child SA SPI for installation", ntohl(spi)); this->esp_spi_loc = spi; - this->proxy->interface.add_sa(&this->proxy->interface, src, dst, spi, - protocol, reqid, mark, tfc, lifetime, - enc_alg, enc_key, int_alg, int_key, mode, - ipcomp, cpi, encap, esn, inbound, src_ts, - dst_ts); return SUCCESS; } const esa_info_t esa = *(esa_info_t *)(enc_key.ptr); @@ -95,11 +86,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t, return FAILED; } this->esp_spi_loc = 0; - return this->proxy->interface.add_sa(&this->proxy->interface, src, dst, spi, - protocol, reqid, mark, tfc, lifetime, - enc_alg, esa.enc_key, int_alg, int_key, - mode, ipcomp, cpi, encap, esn, inbound, - src_ts, dst_ts); + return SUCCESS; } METHOD(kernel_ipsec_t, query_sa, status_t, @@ -115,8 +102,7 @@ METHOD(kernel_ipsec_t, del_sa, status_t, u_int32_t spi, u_int8_t protocol, u_int16_t cpi, mark_t mark) { DBG1(DBG_KNL, "deleting child SA with SPI %.8x", ntohl(spi)); - return this->proxy->interface.del_sa(&this->proxy->interface, src, dst, spi, - protocol, cpi, mark); + return SUCCESS; } METHOD(kernel_ipsec_t, update_sa, status_t, @@ -131,7 +117,7 @@ METHOD(kernel_ipsec_t, flush_sas, status_t, private_tkm_kernel_ipsec_t *this) { DBG1(DBG_KNL, "flushing child SA entries"); - return this->proxy->interface.flush_sas(&this->proxy->interface); + return SUCCESS; } METHOD(kernel_ipsec_t, add_policy, status_t, @@ -140,9 +126,7 @@ METHOD(kernel_ipsec_t, add_policy, status_t, policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa, mark_t mark, policy_priority_t priority) { - return this->proxy->interface.add_policy(&this->proxy->interface, src, dst, - src_ts, dst_ts, direction, type, - sa, mark, priority); + return SUCCESS; } METHOD(kernel_ipsec_t, query_policy, status_t, @@ -158,15 +142,13 @@ METHOD(kernel_ipsec_t, del_policy, status_t, traffic_selector_t *dst_ts, policy_dir_t direction, u_int32_t reqid, mark_t mark, policy_priority_t prio) { - return this->proxy->interface.del_policy(&this->proxy->interface, src_ts, - dst_ts, direction, reqid, mark, - prio); + return SUCCESS; } METHOD(kernel_ipsec_t, flush_policies, status_t, private_tkm_kernel_ipsec_t *this) { - return this->proxy->interface.flush_policies(&this->proxy->interface); + return SUCCESS; } @@ -227,7 +209,6 @@ METHOD(kernel_ipsec_t, enable_udp_decap, bool, METHOD(kernel_ipsec_t, destroy, void, private_tkm_kernel_ipsec_t *this) { - this->proxy->interface.destroy(&this->proxy->interface); free(this); } @@ -258,14 +239,7 @@ tkm_kernel_ipsec_t *tkm_kernel_ipsec_create() }, }, .esp_spi_loc = 0, - .proxy = kernel_netlink_ipsec_create(), ); - if (!this->proxy) - { - free(this); - return NULL; - } - return &this->public; } |