diff options
| author | Martin Willi <martin@revosec.ch> | 2013-04-12 13:19:59 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2013-05-06 16:10:11 +0200 |
| commit | 60ed88b2c7283a871ca80d8ed60f218d9731fa90 (patch) | |
| tree | 93d85628cc836197efd2178ddd8eadb7314d031a /src/libcharon | |
| parent | dc35d097b3723d10591cce4949b15ba825b05ef8 (diff) | |
| download | strongswan-60ed88b2c7283a871ca80d8ed60f218d9731fa90.tar.bz2 strongswan-60ed88b2c7283a871ca80d8ed60f218d9731fa90.tar.xz | |
child-sa: pass traffic selector to add_sa() regardless of IPsec mode
This lets the kernel backend decide what to do with it, and in fact all kernel
interfaces already handle this correctly.
Diffstat (limited to 'src/libcharon')
| -rw-r--r-- | src/libcharon/sa/child_sa.c | 25 |
1 files changed, 11 insertions, 14 deletions
diff --git a/src/libcharon/sa/child_sa.c b/src/libcharon/sa/child_sa.c index 463ad2e22..a8c246bfb 100644 --- a/src/libcharon/sa/child_sa.c +++ b/src/libcharon/sa/child_sa.c @@ -668,21 +668,18 @@ METHOD(child_sa_t, install, status_t, lifetime->time.rekey = 0; } - if (this->mode == MODE_BEET || this->mode == MODE_TRANSPORT) + /* BEET requires the bound address from the traffic selectors. + * TODO: We add just the first traffic selector for now, as the + * kernel accepts a single TS per SA only */ + if (inbound) { - /* BEET requires the bound address from the traffic selectors. - * TODO: We add just the first traffic selector for now, as the - * kernel accepts a single TS per SA only */ - if (inbound) - { - my_ts->get_first(my_ts, (void**)&dst_ts); - other_ts->get_first(other_ts, (void**)&src_ts); - } - else - { - my_ts->get_first(my_ts, (void**)&src_ts); - other_ts->get_first(other_ts, (void**)&dst_ts); - } + my_ts->get_first(my_ts, (void**)&dst_ts); + other_ts->get_first(other_ts, (void**)&src_ts); + } + else + { + my_ts->get_first(my_ts, (void**)&src_ts); + other_ts->get_first(other_ts, (void**)&dst_ts); } status = hydra->kernel_interface->add_sa(hydra->kernel_interface, |