diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2013-11-15 14:54:42 +0100 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2014-01-23 10:35:21 +0100 |
| commit | 685579d6d870230afd2cdde90c5d95adf816b811 (patch) | |
| tree | 5b4676103694f7b0078dd375d356d851e68ff4b4 /src/libcharon/plugins/unity | |
| parent | 6b95565767038eef1fb07a42bef43690009827c5 (diff) | |
| download | strongswan-685579d6d870230afd2cdde90c5d95adf816b811.tar.bz2 strongswan-685579d6d870230afd2cdde90c5d95adf816b811.tar.xz | |
unity: Send UNITY_SPLIT_INCLUDE attributes with proper padding
The additional 6 bytes are not actually padding but are parsed by the
Cisco client as protocol and src and dst ports (each two bytes but
strangely only the first two in network order).
Diffstat (limited to 'src/libcharon/plugins/unity')
| -rw-r--r-- | src/libcharon/plugins/unity/unity_provider.c | 27 |
1 files changed, 16 insertions, 11 deletions
diff --git a/src/libcharon/plugins/unity/unity_provider.c b/src/libcharon/plugins/unity/unity_provider.c index ac6f93d69..30b20349c 100644 --- a/src/libcharon/plugins/unity/unity_provider.c +++ b/src/libcharon/plugins/unity/unity_provider.c @@ -38,10 +38,15 @@ typedef struct { enumerator_t public; /** list of traffic selectors to enumerate */ linked_list_t *list; - /** currently enumerating subnet */ - u_char subnet[4]; - /** currently enumerating subnet mask */ - u_char mask[4]; + /** currently enumerating attribute data */ + struct __attribute__((packed)) { + u_char net[4]; + u_char mask[4]; + /* the Cisco client parses this as protocol, src and dst port, the first + * two in network order the last in host order - no other clients seem + * to support these fields so we don't use them either */ + u_char padding[6]; + } attr; } attribute_enumerator_t; METHOD(enumerator_t, attribute_enumerate, bool, @@ -65,23 +70,23 @@ METHOD(enumerator_t, attribute_enumerate, bool, } ts->destroy(ts); } + memcpy(this->attr.net, net->get_address(net).ptr, sizeof(this->attr.net)); + net->destroy(net); - memset(this->mask, 0, sizeof(this->mask)); - for (i = 0; i < sizeof(this->mask); i++) + memset(this->attr.mask, 0, sizeof(this->attr.mask)); + for (i = 0; i < sizeof(this->attr.mask); i++) { if (mask < 8) { - this->mask[i] = 0xFF << (8 - mask); + this->attr.mask[i] = 0xFF << (8 - mask); break; } - this->mask[i] = 0xFF; + this->attr.mask[i] = 0xFF; mask -= 8; } - memcpy(this->subnet, net->get_address(net).ptr, sizeof(this->subnet)); - net->destroy(net); *type = UNITY_SPLIT_INCLUDE; - *attr = chunk_create(this->subnet, sizeof(this->subnet) + sizeof(this->mask)); + *attr = chunk_create(this->attr.net, sizeof(this->attr)); return TRUE; } |