diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2009-08-06 18:14:44 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2009-08-06 18:14:44 +0200 |
| commit | bfca7aa5ede1d8ec5a39dad976dc3fdd8b51db14 (patch) | |
| tree | 75231d7f9e6495c0901b3b37452382832c8cff56 /src/charon/plugins/kernel_pfkey | |
| parent | f53088c657cee6c5d180d4ded0086829132312c4 (diff) | |
| download | strongswan-bfca7aa5ede1d8ec5a39dad976dc3fdd8b51db14.tar.bz2 strongswan-bfca7aa5ede1d8ec5a39dad976dc3fdd8b51db14.tar.xz | |
FreeBSD returns the current policy use time only after specifying a hard lifetime when installing the policy.
Diffstat (limited to 'src/charon/plugins/kernel_pfkey')
| -rw-r--r-- | src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c index af89d4207..7ccb96bed 100644 --- a/src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c +++ b/src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c @@ -704,7 +704,7 @@ static status_t parse_pfkey_message(struct sadb_msg *msg, pfkey_msg_t *out) while (len >= PFKEY_LEN(sizeof(struct sadb_ext))) { - DBG2(DBG_KNL, " %N", sadb_ext_type_names, ext->sadb_ext_type); + DBG3(DBG_KNL, " %N", sadb_ext_type_names, ext->sadb_ext_type); if (ext->sadb_ext_len < PFKEY_LEN(sizeof(struct sadb_ext)) || ext->sadb_ext_len > len) { @@ -1712,6 +1712,18 @@ static status_t add_policy(private_kernel_pfkey_ipsec_t *this, add_addr_ext(msg, policy->dst.net, SADB_EXT_ADDRESS_DST, policy->dst.proto, policy->dst.mask); +#ifdef __FreeBSD__ + { /* on FreeBSD a lifetime has to be defined to be able to later query + * the current use time. */ + struct sadb_lifetime *lft; + lft = (struct sadb_lifetime*)PFKEY_EXT_ADD_NEXT(msg); + lft->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD; + lft->sadb_lifetime_len = PFKEY_LEN(sizeof(struct sadb_lifetime)); + lft->sadb_lifetime_addtime = 0x7fffffff; /* kernel maps this to long */ + PFKEY_EXT_ADD(msg, lft); + } +#endif + this->mutex->unlock(this->mutex); if (pfkey_send(this, msg, &out, &len) != SUCCESS) |