diff options
author | Martin Willi <martin@strongswan.org> | 2009-12-17 10:50:37 +0100 |
---|---|---|
committer | Martin Willi <martin@strongswan.org> | 2009-12-17 10:52:07 +0100 |
commit | 6ec949e022a4dd36f19676f0ba825c8b7ffcb2f6 (patch) | |
tree | dbada4619c15f17d6874b47d749fdfb83378fe78 /src/charon/plugins/kernel_klips/kernel_klips_ipsec.c | |
parent | f721e0fb5f2cc4aa010a262ab5de228ea48a6357 (diff) | |
download | strongswan-6ec949e022a4dd36f19676f0ba825c8b7ffcb2f6.tar.bz2 strongswan-6ec949e022a4dd36f19676f0ba825c8b7ffcb2f6.tar.xz |
Fixed BEET mode by installing SAs with negotiated address in traffic selector
Diffstat (limited to 'src/charon/plugins/kernel_klips/kernel_klips_ipsec.c')
-rw-r--r-- | src/charon/plugins/kernel_klips/kernel_klips_ipsec.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/charon/plugins/kernel_klips/kernel_klips_ipsec.c b/src/charon/plugins/kernel_klips/kernel_klips_ipsec.c index fc2c2a746..e0e4a7670 100644 --- a/src/charon/plugins/kernel_klips/kernel_klips_ipsec.c +++ b/src/charon/plugins/kernel_klips/kernel_klips_ipsec.c @@ -1704,7 +1704,8 @@ static status_t add_sa(private_kernel_klips_ipsec_t *this, u_int16_t enc_alg, chunk_t enc_key, u_int16_t int_alg, chunk_t int_key, ipsec_mode_t mode, u_int16_t ipcomp, u_int16_t cpi, - bool encap, bool inbound) + bool encap, bool inbound, traffic_selector_t *src_ts, + traffic_selector_t *dst_ts) { unsigned char request[PFKEY_BUFFER_SIZE]; struct sadb_msg *msg, *out; @@ -2617,7 +2618,7 @@ kernel_klips_ipsec_t *kernel_klips_ipsec_create() /* public functions */ this->public.interface.get_spi = (status_t(*)(kernel_ipsec_t*,host_t*,host_t*,protocol_id_t,u_int32_t,u_int32_t*))get_spi; this->public.interface.get_cpi = (status_t(*)(kernel_ipsec_t*,host_t*,host_t*,u_int32_t,u_int16_t*))get_cpi; - this->public.interface.add_sa = (status_t(*)(kernel_ipsec_t *,host_t*,host_t*,u_int32_t,protocol_id_t,u_int32_t,lifetime_cfg_t*,u_int16_t,chunk_t,u_int16_t,chunk_t,ipsec_mode_t,u_int16_t,u_int16_t,bool,bool))add_sa; + this->public.interface.add_sa = (status_t(*)(kernel_ipsec_t *,host_t*,host_t*,u_int32_t,protocol_id_t,u_int32_t,lifetime_cfg_t*,u_int16_t,chunk_t,u_int16_t,chunk_t,ipsec_mode_t,u_int16_t,u_int16_t,bool,bool,traffic_selector_t*,traffic_selector_t*))add_sa; this->public.interface.update_sa = (status_t(*)(kernel_ipsec_t*,u_int32_t,protocol_id_t,u_int16_t,host_t*,host_t*,host_t*,host_t*,bool,bool))update_sa; this->public.interface.query_sa = (status_t(*)(kernel_ipsec_t*,host_t*,host_t*,u_int32_t,protocol_id_t,u_int64_t*))query_sa; this->public.interface.del_sa = (status_t(*)(kernel_ipsec_t*,host_t*,host_t*,u_int32_t,protocol_id_t,u_int16_t))del_sa; |