diff options
| author | Martin Willi <martin@revosec.ch> | 2013-04-21 17:05:08 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2013-05-06 17:01:13 +0200 |
| commit | 5c12700f9abc5efeb38d18a46edf152894476e8c (patch) | |
| tree | 6ce337b522191636323bbd7638238afed6ff736f /src/libhydra/plugins/kernel_netlink | |
| parent | bdaf9f97e6cd3e97f4b947e8748efd5b34c4c72e (diff) | |
| download | strongswan-5c12700f9abc5efeb38d18a46edf152894476e8c.tar.bz2 strongswan-5c12700f9abc5efeb38d18a46edf152894476e8c.tar.xz | |
kernel-interface: query SAD for last use time if SPD query didn't yield one
Diffstat (limited to 'src/libhydra/plugins/kernel_netlink')
| -rw-r--r-- | src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c index b30c9533f..58bce6247 100644 --- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c +++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c @@ -1595,7 +1595,7 @@ static void get_replay_state(private_kernel_netlink_ipsec_t *this, METHOD(kernel_ipsec_t, query_sa, status_t, private_kernel_netlink_ipsec_t *this, host_t *src, host_t *dst, u_int32_t spi, u_int8_t protocol, mark_t mark, - u_int64_t *bytes, u_int64_t *packets) + u_int64_t *bytes, u_int64_t *packets, u_int32_t *time) { netlink_buf_t request; struct nlmsghdr *out = NULL, *hdr; @@ -1680,6 +1680,12 @@ METHOD(kernel_ipsec_t, query_sa, status_t, { *packets = sa->curlft.packets; } + if (time) + { /* curlft contains an "use" time, but that contains a timestamp + * of the first use, not the last. Last use time must be queried + * on the policy on Linux */ + *time = 0; + } status = SUCCESS; } memwipe(out, len); |