diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2010-07-27 19:13:51 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2010-09-02 19:04:20 +0200 |
| commit | 230aa11fb41c45816ba48a36eeeceb13386290d5 (patch) | |
| tree | 3a0b7f95689dfc3af182217deccff7b8a8753789 /src/pluto/kernel.c | |
| parent | 1ad497c78f2e407fb13c3cc8b72532c786728ab5 (diff) | |
| download | strongswan-230aa11fb41c45816ba48a36eeeceb13386290d5.tar.bz2 strongswan-230aa11fb41c45816ba48a36eeeceb13386290d5.tar.xz | |
pluto: Migrated update_ipsec_sa to libhydra's kernel interface.
Diffstat (limited to 'src/pluto/kernel.c')
| -rw-r--r-- | src/pluto/kernel.c | 41 |
1 files changed, 21 insertions, 20 deletions
diff --git a/src/pluto/kernel.c b/src/pluto/kernel.c index 47b349b29..552a63d49 100644 --- a/src/pluto/kernel.c +++ b/src/pluto/kernel.c @@ -2546,31 +2546,32 @@ void delete_ipsec_sa(struct state *st USED_BY_KLIPS, static bool update_nat_t_ipsec_esp_sa (struct state *st, bool inbound) { connection_t *c = st->st_connection; - char text_said[SATOT_BUF]; - struct kernel_sa sa; - ip_address - src = inbound? c->spd.that.host_addr : c->spd.this.host_addr, - dst = inbound? c->spd.this.host_addr : c->spd.that.host_addr; + host_t *host_src, *host_dst, *new_src, *new_dst; + mark_t mark_none = { 0, 0 }; + bool result; + ipsec_spi_t spi = inbound ? st->st_esp.our_spi : st->st_esp.attrs.spi; + struct end *src = inbound ? &c->spd.that : &c->spd.this, + *dst = inbound ? &c->spd.this : &c->spd.that; - ipsec_spi_t esp_spi = inbound? st->st_esp.our_spi : st->st_esp.attrs.spi; + host_src = host_create_from_sockaddr((sockaddr_t*)&src->host_addr); + host_dst = host_create_from_sockaddr((sockaddr_t*)&dst->host_addr); - u_int16_t - natt_sport = inbound? c->spd.that.host_port : c->spd.this.host_port, - natt_dport = inbound? c->spd.this.host_port : c->spd.that.host_port; + new_src = host_src->clone(host_src); + new_dst = host_dst->clone(host_dst); + new_src->set_port(new_src, src->host_port); + new_dst->set_port(new_dst, dst->host_port); - set_text_said(text_said, &dst, esp_spi, SA_ESP); + result = hydra->kernel_interface->update_sa(hydra->kernel_interface, + spi, IPPROTO_ESP, 0 /* cpi */, host_src, host_dst, + new_src, new_dst, TRUE /* encap */, TRUE /* new_encap */, + mark_none) == SUCCESS; - memset(&sa, 0, sizeof(sa)); - sa.spi = esp_spi; - sa.src = &src; - sa.dst = &dst; - sa.text_said = text_said; - sa.authalg = alg_info_esp_aa2sadb(st->st_esp.attrs.auth); - sa.natt_sport = natt_sport; - sa.natt_dport = natt_dport; - sa.transid = st->st_esp.attrs.transid; + host_src->destroy(host_src); + host_dst->destroy(host_dst); + new_src->destroy(new_src); + new_dst->destroy(new_dst); - return kernel_ops->add_sa(&sa, TRUE); + return result; } #endif |