diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2010-07-19 10:19:29 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2010-09-02 19:04:19 +0200 |
| commit | 6a066ad19b60cb137b353feb96241a90241b4dbc (patch) | |
| tree | 858e982a6bf16f5f0951ef1300d036a7bc760494 /src/pluto/kernel.c | |
| parent | 89f0cca111561472e78ca9bce4ae56239f9c73d2 (diff) | |
| download | strongswan-6a066ad19b60cb137b353feb96241a90241b4dbc.tar.bz2 strongswan-6a066ad19b60cb137b353feb96241a90241b4dbc.tar.xz | |
pluto: Migrated get_my_cpi to libhydra's kernel interface.
Diffstat (limited to 'src/pluto/kernel.c')
| -rw-r--r-- | src/pluto/kernel.c | 41 |
1 files changed, 10 insertions, 31 deletions
diff --git a/src/pluto/kernel.c b/src/pluto/kernel.c index 4c3bd91ea..572261076 100644 --- a/src/pluto/kernel.c +++ b/src/pluto/kernel.c @@ -287,47 +287,26 @@ ipsec_spi_t get_ipsec_spi(ipsec_spi_t avoid, int proto, struct spd_route *sr, /* Generate Unique CPI numbers. * The result is returned as an SPI (4 bytes) in network order! * The real bits are in the nework-low-order 2 bytes. - * Modelled on get_ipsec_spi, but range is more limited: - * 256-61439. - * If we can't find one easily, return 0 (a bad SPI, - * no matter what order) indicating failure. */ ipsec_spi_t get_my_cpi(struct spd_route *sr, bool tunnel) { - static cpi_t first_busy_cpi = 0, latest_cpi; - char text_said[SATOT_BUF]; - rng_t *rng; + host_t *host_src, *host_dst; + u_int16_t cpi; - set_text_said(text_said, &sr->this.host_addr, 0, IPPROTO_COMP); + host_src = host_create_from_sockaddr((sockaddr_t*)&sr->that.host_addr); + host_dst = host_create_from_sockaddr((sockaddr_t*)&sr->this.host_addr); - if (kernel_ops->get_spi) - { - return kernel_ops->get_spi(&sr->that.host_addr - , &sr->this.host_addr, IPPROTO_COMP, tunnel - , get_proto_reqid(sr->reqid, IPPROTO_COMP) - , IPCOMP_FIRST_NEGOTIATED, IPCOMP_LAST_NEGOTIATED - , text_said); - } + if (hydra->kernel_interface->get_cpi(hydra->kernel_interface, host_src, + host_dst, sr->reqid, &cpi) != SUCCESS) - rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK); - while (!(IPCOMP_FIRST_NEGOTIATED <= first_busy_cpi && first_busy_cpi < IPCOMP_LAST_NEGOTIATED)) { - rng->get_bytes(rng, sizeof(first_busy_cpi), (u_char *)&first_busy_cpi); - latest_cpi = first_busy_cpi; + cpi = 0; } - rng->destroy(rng); - latest_cpi++; + host_src->destroy(host_src); + host_dst->destroy(host_dst); - if (latest_cpi == first_busy_cpi) - { - find_my_cpi_gap(&latest_cpi, &first_busy_cpi); - } - if (latest_cpi > IPCOMP_LAST_NEGOTIATED) - { - latest_cpi = IPCOMP_FIRST_NEGOTIATED; - } - return htonl((ipsec_spi_t)latest_cpi); + return htonl((u_int32_t)ntohs(cpi)); } /* Replace the shell metacharacters ', \, ", `, and $ in a character string |