diff options
| author | Martin Willi <martin@revosec.ch> | 2012-09-11 12:46:31 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2012-09-11 16:18:28 +0200 |
| commit | 4cb0783f3c828ec4b9cc158dd87162d249b2fb62 (patch) | |
| tree | 4b5254046e5d6a9c8a722c9fd9c3dcf216902b2b /src | |
| parent | c7294f7a58f5c7bf9273e324299c8b311cfecaae (diff) | |
| download | strongswan-4cb0783f3c828ec4b9cc158dd87162d249b2fb62.tar.bz2 strongswan-4cb0783f3c828ec4b9cc158dd87162d249b2fb62.tar.xz | |
Don't return a subset for a dynamic TS unless set_address has been called
Diffstat (limited to 'src')
| -rw-r--r-- | src/libstrongswan/selectors/traffic_selector.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/libstrongswan/selectors/traffic_selector.c b/src/libstrongswan/selectors/traffic_selector.c index 38d4b2d06..66eeefff5 100644 --- a/src/libstrongswan/selectors/traffic_selector.c +++ b/src/libstrongswan/selectors/traffic_selector.c @@ -310,6 +310,10 @@ int traffic_selector_printf_hook(printf_hook_data_t *data, */ static traffic_selector_t *get_subset(private_traffic_selector_t *this, private_traffic_selector_t *other) { + if (this->dynamic || other->dynamic) + { /* no set_address() applied, TS has no subset */ + return NULL; + } if (this->type == other->type && (this->protocol == other->protocol || this->protocol == 0 || other->protocol == 0)) { @@ -367,7 +371,6 @@ static traffic_selector_t *get_subset(private_traffic_selector_t *this, private_ /* we have a match in protocol, port, and address: return it... */ new_ts = traffic_selector_create(protocol, this->type, from_port, to_port); - new_ts->dynamic = this->dynamic || other->dynamic; memcpy(new_ts->from, from, size); memcpy(new_ts->to, to, size); calc_netbits(new_ts); @@ -528,6 +531,7 @@ METHOD(traffic_selector_t, set_address, void, memcpy(this->to, from.ptr, from.len); this->netbits = from.len * 8; } + this->dynamic = FALSE; } } |