diff options
author | Tobias Brunner <tobias@strongswan.org> | 2010-06-23 11:19:37 +0200 |
---|---|---|
committer | Tobias Brunner <tobias@strongswan.org> | 2010-06-23 11:43:31 +0200 |
commit | 9eb7f46b3d8ed0f1a5d5ffd600c633760c2a1c04 (patch) | |
tree | 8987d347c35d7ce5b8384531a334a2a300178007 | |
parent | a427e98da17b33d6e98c0dd41f18e13e961e23f3 (diff) | |
download | strongswan-9eb7f46b3d8ed0f1a5d5ffd600c633760c2a1c04.tar.bz2 strongswan-9eb7f46b3d8ed0f1a5d5ffd600c633760c2a1c04.tar.xz |
Do not install routes in the PF_KEY kernel interface if interface lookup failed.
-rw-r--r-- | src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c | 38 |
1 files changed, 23 insertions, 15 deletions
diff --git a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c index dbf7721f9..04abf9f4a 100644 --- a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c +++ b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c @@ -1795,22 +1795,30 @@ METHOD(kernel_ipsec_t, add_policy, status_t, route->dst_net = chunk_clone(policy->src.net->get_address(policy->src.net)); route->prefixlen = policy->src.mask; - switch (charon->kernel_interface->add_route(charon->kernel_interface, - route->dst_net, route->prefixlen, route->gateway, - route->src_ip, route->if_name)) + if (route->if_name) { - default: - DBG1(DBG_KNL, "unable to install source route for %H", - route->src_ip); - /* FALL */ - case ALREADY_DONE: - /* route exists, do not uninstall */ - route_entry_destroy(route); - break; - case SUCCESS: - /* cache the installed route */ - policy->route = route; - break; + switch (charon->kernel_interface->add_route( + charon->kernel_interface, route->dst_net, + route->prefixlen, route->gateway, + route->src_ip, route->if_name)) + { + default: + DBG1(DBG_KNL, "unable to install source route for %H", + route->src_ip); + /* FALL */ + case ALREADY_DONE: + /* route exists, do not uninstall */ + route_entry_destroy(route); + break; + case SUCCESS: + /* cache the installed route */ + policy->route = route; + break; + } + } + else + { + route_entry_destroy(route); } } else |