diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2012-09-27 12:25:43 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2012-09-27 12:43:39 +0200 |
| commit | a79af394a0c9ecc8ada34b924da00f9a2a29239a (patch) | |
| tree | a2a7f928d8d50f67a5b27c0d8e51782ed34d5435 /src/libhydra/plugins/kernel_netlink | |
| parent | 9845391a9591fc701e1185df26f49cd929721d3d (diff) | |
| download | strongswan-a79af394a0c9ecc8ada34b924da00f9a2a29239a.tar.bz2 strongswan-a79af394a0c9ecc8ada34b924da00f9a2a29239a.tar.xz | |
Allow replay windows smaller than the default of 32
Diffstat (limited to 'src/libhydra/plugins/kernel_netlink')
| -rw-r--r-- | src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c index 654a1c6d5..d8fefdbab 100644 --- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c +++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c @@ -322,12 +322,12 @@ struct private_kernel_netlink_ipsec_t { bool policy_history; /** - * Size of the replay window, in packets + * Size of the replay window, in packets (= bits) */ u_int32_t replay_window; /** - * Size of the replay window bitmap, in bytes + * Size of the replay window bitmap, in number of __u32 blocks */ u_int32_t replay_bmp; }; @@ -1488,7 +1488,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t, /* bmp_len contains number uf __u32's */ replay->bmp_len = this->replay_bmp; replay->replay_window = this->replay_window; - DBG2(DBG_KNL, " using replay window of %u bytes", + DBG2(DBG_KNL, " using replay window of %u packets", this->replay_window); rthdr = XFRM_RTA_NEXT(rthdr); @@ -1500,7 +1500,9 @@ METHOD(kernel_ipsec_t, add_sa, status_t, } else { - sa->replay_window = DEFAULT_REPLAY_WINDOW; + DBG2(DBG_KNL, " using replay window of %u packets", + this->replay_window); + sa->replay_window = this->replay_window; } } |