author | Timo Teräs <timo.teras@iki.fi> | 2015-09-21 13:42:18 +0300 |
---|---|---|
committer | Timo Teräs <timo.teras@iki.fi> | 2017-11-20 10:44:40 +0200 |
commit | 78368225baa57342645a88f06b416185a7c85b01 (patch) | |
tree | 07a1f07b7b844a5db96c8968c06985c1b5a606c8 /src/libcharon/sa/ikev1/tasks/quick_mode.c | |
parent | 941ec20df80cbe0f0287742d06859d80fb343736 (diff) | |
support gre key in ikev1tteras
this implements gre key negotiation in ikev1 similarly to the
ipsec-tools patch in alpine.
the from/to port pair is internally used as gre key for gre
protocol traffic selectors. since from/to pairs 0/0xffff and
0xffff/0 have special meaning, the gre keys 0xffff and 0xffff0000
will not work.
this is not standard compliant, and should probably not be upstreamed
or used widely, but it is applied for interoperability with alpine
racoon for the time being.
Diffstat (limited to 'src/libcharon/sa/ikev1/tasks/quick_mode.c')
-rw-r--r-- | src/libcharon/sa/ikev1/tasks/quick_mode.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.c b/src/libcharon/sa/ikev1/tasks/quick_mode.c
index 49b476ad8..315a29abe 100644
--- a/src/libcharon/sa/ikev1/tasks/quick_mode.c
+++ b/src/libcharon/sa/ikev1/tasks/quick_mode.c
@@ -567,9 +567,9 @@ static void add_ts(private_quick_mode_t *this, message_t *message)
 {
 id_payload_t *id_payload;
 
- id_payload = id_payload_create_from_ts(this->tsi);
+ id_payload = id_payload_create_from_ts(this->tsi, TRUE);
 message->add_payload(message, &id_payload->payload_interface);
- id_payload = id_payload_create_from_ts(this->tsr);
+ id_payload = id_payload_create_from_ts(this->tsr, FALSE);
 message->add_payload(message, &id_payload->payload_interface);
 }
 
@@ -580,7 +580,7 @@ static bool get_ts(private_quick_mode_t *this, message_t *message)
 {
 traffic_selector_t *tsi = NULL, *tsr = NULL;
 enumerator_t *enumerator;
- id_payload_t *id_payload;
+ id_payload_t *idi = NULL, *idr = NULL;
 payload_t *payload;
 host_t *hsi, *hsr;
 bool first = TRUE;
@@ -590,20 +590,22 @@ static bool get_ts(private_quick_mode_t *this, message_t *message)
 {
 if (payload->get_type(payload) == PLV1_ID)
 {
- id_payload = (id_payload_t*)payload;
-
 if (first)
 {
- tsi = id_payload->get_ts(id_payload);
+ idi = (id_payload_t*)payload;
 first = FALSE;
 }
 else
 {
- tsr = id_payload->get_ts(id_payload);
+ idr = (id_payload_t*)payload;
 break;
 }
 }
 }
+ if (idi && idr) {
+ tsi = idi->get_ts(idi, idr, TRUE);
+ tsr = idr->get_ts(idr, idi, FALSE);
+ }
 enumerator->destroy(enumerator);
 
 /* create host2host selectors if ID payloads missing */ |
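Review bot: The new second argument to `id_payload_create_from_ts()` in add_ts is a bare `TRUE`/`FALSE`, and nothing at the two call sites says what it selects. Going by the commit description it presumably tells the payload builder which side of the selector pair is being encoded, and so which part of the GRE key packed into the from/to ports, but the id_payload change is not part of this diff, so that needs confirming. A one-line comment above the calls would do, e.g. `/* second argument: TRUE for the initiator selector (tsi), FALSE for the responder selector (tsr) */`.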
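Review bot: With the new `if (idi && idr) {` guard in get_ts, a Quick Mode message that carries exactly one ID payload leaves both `tsi` and `tsr` NULL, whereas the removed code still took `tsi` from the first payload. Judging by the trailing comment, the code after the hunk (the function continues outside it) then falls back to host-to-host selectors, so a selector the peer did send would be discarded without any trace; that likely matters because the selectors decide which traffic the resulting SA covers. If the lone-ID case is not meant to be accepted, handle it explicitly, for example `else if (idi) { DBG1(DBG_IKE, "only one ID payload in Quick Mode message"); }` followed by whatever failure path the function uses. The brace on the `if` line also departs from the brace-on-its-own-line style used in the rest of the hunk.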