forcing proper autoload of af_key kernel module in charon

author: Martin Willi <martin@strongswan.org> 2007-04-27 07:43:42 +0000
committer: Martin Willi <martin@strongswan.org> 2007-04-27 07:43:42 +0000
commit: 594e830eb72094020b612ef5ed93d889049be12a (patch)
tree: b803d155b716f5cbe72068689f17bb3a8df905a1 /src/charon/network
parent: d931f4658e3ca5e35d5e353770a626cfbc279405 (diff)
download: strongswan-594e830eb72094020b612ef5ed93d889049be12a.tar.bz2
strongswan-594e830eb72094020b612ef5ed93d889049be12a.tar.xz
1 files changed, 10 insertions, 0 deletions
diff --git a/src/charon/network/socket.c b/src/charon/network/socket.c
index 4b147657a..dd231ebed 100644
--- a/src/charon/network/socket.c
+++ b/src/charon/network/socket.c
@@ -690,6 +690,7 @@ static void destroy(private_socket_t *this)
  */
 socket_t *socket_create(u_int16_t port, u_int16_t natt_port)
 {
+	int key;
 	private_socket_t *this = malloc_thing(private_socket_t);
 
 	/* public functions */
@@ -706,6 +707,15 @@ socket_t *socket_create(u_int16_t port, u_int16_t natt_port)
 	this->send4_natt = 0;
 	this->send6_natt = 0;
 	
+	/* we open a AF_KEY socket to autoload the af_key module. Otherwise
+	 * setsockopt(IPSEC_POLICY) won't work. */
+	key = socket(AF_KEY, SOCK_RAW, PF_KEY_V2);
+	if (key == 0)
+	{
+		charon->kill(charon, "could not open AF_KEY socket");
+	}
+	close(key);
+	
 	this->recv4 = open_recv_socket(this, AF_INET);
 	if (this->recv4 == 0)
 	{
author	Martin Willi <martin@strongswan.org>	2007-04-27 07:43:42 +0000
committer	Martin Willi <martin@strongswan.org>	2007-04-27 07:43:42 +0000
commit	594e830eb72094020b612ef5ed93d889049be12a (patch)
tree	b803d155b716f5cbe72068689f17bb3a8df905a1 /src/charon/network
parent	d931f4658e3ca5e35d5e353770a626cfbc279405 (diff)
download	strongswan-594e830eb72094020b612ef5ed93d889049be12a.tar.bz2 strongswan-594e830eb72094020b612ef5ed93d889049be12a.tar.xz