Use a complete port range in traffic_selector_create_from_{subnet,cidr}

1 files changed, 15 insertions, 5 deletions

diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c
index 9f6124dc9..70d6ce562 100644
--- a/src/libcharon/plugins/stroke/stroke_config.c
+++ b/src/libcharon/plugins/stroke/stroke_config.c
@@ -873,11 +873,21 @@ static void add_ts(private_stroke_config_t *this,
 				   stroke_end_t *end, child_cfg_t *child_cfg, bool local)
 {
 	traffic_selector_t *ts;
+	u_int16_t from_port, to_port;
+
+	if (end->port)
+	{
+		from_port = to_port = end->port;
+	}
+	else
+	{
+		from_port = 0;
+		to_port = 65535;
+	}
 
 	if (end->tohost)
 	{
-		ts = traffic_selector_create_dynamic(end->protocol,
-					end->port ? end->port : 0, end->port ? end->port : 65535);
+		ts = traffic_selector_create_dynamic(end->protocol, from_port, to_port);
 		child_cfg->add_traffic_selector(child_cfg, local, ts);
 	}
 	else
@@ -890,7 +900,7 @@ static void add_ts(private_stroke_config_t *this,
 			if (net)
 			{
 				ts = traffic_selector_create_from_subnet(net, 0, end->protocol,
-														 end->port);
+														 from_port, to_port);
 				child_cfg->add_traffic_selector(child_cfg, local, ts);
 			}
 		}
@@ -902,8 +912,8 @@ static void add_ts(private_stroke_config_t *this,
 			enumerator = enumerator_create_token(end->subnets, ",", " ");
 			while (enumerator->enumerate(enumerator, &subnet))
 			{
-				ts = traffic_selector_create_from_cidr(subnet,
-													end->protocol, end->port);
+				ts = traffic_selector_create_from_cidr(subnet, end->protocol,
+													   from_port, to_port);
 				if (ts)
 				{
 					child_cfg->add_traffic_selector(child_cfg, local, ts);