aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins/socket_default
diff options
context:
space:
mode:
authorTobias Brunner <tobias@strongswan.org>2012-08-16 15:26:37 +0200
committerTobias Brunner <tobias@strongswan.org>2012-08-16 15:26:37 +0200
commitaaefeafb4943689c3882b3a434a484cc85c4c10e (patch)
tree6e99e7150f4434534427465c4093d95286d2ce6c /src/libcharon/plugins/socket_default
parent11b514bff6b3213fa68fa37440b2c0a789c87eee (diff)
downloadstrongswan-aaefeafb4943689c3882b3a434a484cc85c4c10e.tar.bz2
strongswan-aaefeafb4943689c3882b3a434a484cc85c4c10e.tar.xz
Enable UDP decapsulation for both address families
Since the 3.5 Linux kernel both UDP implementations have a separate static flag to indicate whether ANY sockets enabled UDP decapsulation. As we only ever enabled it for one address family (in earlier versions IPv4 only, now for IPv6, if supported, and for IPv4 otherwise) UDP decapsulation wouldn't work anymore (at least for one address family).
Diffstat (limited to 'src/libcharon/plugins/socket_default')
-rw-r--r--src/libcharon/plugins/socket_default/socket_default_socket.c16
1 files changed, 9 insertions, 7 deletions
diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.c b/src/libcharon/plugins/socket_default/socket_default_socket.c
index c2b073418..8ab5a8cf3 100644
--- a/src/libcharon/plugins/socket_default/socket_default_socket.c
+++ b/src/libcharon/plugins/socket_default/socket_default_socket.c
@@ -534,6 +534,15 @@ static int open_socket(private_socket_default_socket_t *this,
{
DBG1(DBG_NET, "installing IKE bypass policy failed");
}
+
+ /* enable UDP decapsulation for NAT-T sockets */
+ if (port == &this->natt &&
+ !hydra->kernel_interface->enable_udp_decap(hydra->kernel_interface,
+ skt, family, this->natt))
+ {
+ DBG1(DBG_NET, "enabling UDP decapsulation failed");
+ }
+
return skt;
}
@@ -630,13 +639,6 @@ socket_default_socket_t *socket_default_socket_create()
return NULL;
}
- /* enable UDP decapsulation globally, only for one socket needed */
- if (!hydra->kernel_interface->enable_udp_decap(hydra->kernel_interface,
- this->ipv6_natt ?: this->ipv4_natt,
- this->ipv6_natt ? AF_INET6 : AF_INET, this->natt))
- {
- DBG1(DBG_NET, "enabling UDP decapsulation failed");
- }
return &this->public;
}