diff options
author | Martin Willi <martin@revosec.ch> | 2013-12-19 14:14:37 +0100 |
---|---|---|
committer | Martin Willi <martin@revosec.ch> | 2014-06-04 16:32:10 +0200 |
commit | 11e7d0677c3ec6f241ba387d5aadba113b56e9be (patch) | |
tree | e0c9e785f80265553e3e5c7a2c378cace441b815 /src | |
parent | f206e069f132488508ada60daff2ef1cdd3b2afc (diff) | |
download | strongswan-11e7d0677c3ec6f241ba387d5aadba113b56e9be.tar.bz2 strongswan-11e7d0677c3ec6f241ba387d5aadba113b56e9be.tar.xz |
socket-win: Install IKE bypass policies using bypass_socket()
Diffstat (limited to 'src')
-rw-r--r-- | src/libcharon/plugins/socket_win/socket_win_plugin.c | 1 | ||||
-rw-r--r-- | src/libcharon/plugins/socket_win/socket_win_socket.c | 11 |
2 files changed, 12 insertions, 0 deletions
diff --git a/src/libcharon/plugins/socket_win/socket_win_plugin.c b/src/libcharon/plugins/socket_win/socket_win_plugin.c index 4c5ffe03c..a0ef0858a 100644 --- a/src/libcharon/plugins/socket_win/socket_win_plugin.c +++ b/src/libcharon/plugins/socket_win/socket_win_plugin.c @@ -49,6 +49,7 @@ METHOD(plugin_t, get_features, int, static plugin_feature_t f[] = { PLUGIN_CALLBACK(socket_register, socket_win_socket_create), PLUGIN_PROVIDE(CUSTOM, "socket"), + PLUGIN_DEPENDS(CUSTOM, "kernel-ipsec"), }; *features = f; return countof(f); diff --git a/src/libcharon/plugins/socket_win/socket_win_socket.c b/src/libcharon/plugins/socket_win/socket_win_socket.c index 473b05313..2cd951d8f 100644 --- a/src/libcharon/plugins/socket_win/socket_win_socket.c +++ b/src/libcharon/plugins/socket_win/socket_win_socket.c @@ -19,6 +19,7 @@ #include "socket_win_socket.h" #include <library.h> +#include <hydra.h> #include <threading/thread.h> #include <daemon.h> @@ -424,6 +425,16 @@ static SOCKET open_socket(private_socket_win_socket_t *this, int i) closesocket(s); return INVALID_SOCKET; } + if (!hydra->kernel_interface->bypass_socket(hydra->kernel_interface, + s, AF_INET)) + { + DBG1(DBG_NET, "installing IPv4 IKE bypass policy failed"); + } + if (!hydra->kernel_interface->bypass_socket(hydra->kernel_interface, + s, AF_INET6)) + { + DBG1(DBG_NET, "installing IPv6 IKE bypass policy failed"); + } return s; } |