diff options
| author | Martin Willi <martin@revosec.ch> | 2012-09-13 15:57:06 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2012-09-18 17:17:48 +0200 |
| commit | 7a7deec2831f0abf1ec93b118ccdf5c7b10ce152 (patch) | |
| tree | 8d7c9aec97ac4ed431d3132456b510ea3f0ab5ec /src | |
| parent | b8db3775f3e59f9f144d0ed9020bf7556570f282 (diff) | |
| download | strongswan-7a7deec2831f0abf1ec93b118ccdf5c7b10ce152.tar.bz2 strongswan-7a7deec2831f0abf1ec93b118ccdf5c7b10ce152.tar.xz | |
As initiator, narrow received Unity attributes to configured TS
Diffstat (limited to 'src')
| -rw-r--r-- | src/libcharon/plugins/unity/unity_narrow.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/src/libcharon/plugins/unity/unity_narrow.c b/src/libcharon/plugins/unity/unity_narrow.c index ef8c59e17..e081cb702 100644 --- a/src/libcharon/plugins/unity/unity_narrow.c +++ b/src/libcharon/plugins/unity/unity_narrow.c @@ -39,9 +39,10 @@ struct private_unity_narrow_t { * Narrow TS as initiator to Unity Split-Include/Local-LAN */ static void narrow_initiator(private_unity_narrow_t *this, ike_sa_t *ike_sa, - linked_list_t *remote) + child_cfg_t *cfg, linked_list_t *remote) { traffic_selector_t *current, *orig = NULL; + linked_list_t *received, *selected; enumerator_t *enumerator; enumerator = this->handler->create_include_enumerator(this->handler, @@ -55,11 +56,16 @@ static void narrow_initiator(private_unity_narrow_t *this, ike_sa_t *ike_sa, break; } } - current = orig->get_subset(orig, current); - if (current) + /* narrow received Unity TS with the child configuration */ + received = linked_list_create(); + received->insert_last(received, current); + selected = cfg->get_traffic_selectors(cfg, FALSE, received, NULL); + while (selected->remove_first(selected, (void**)¤t) == SUCCESS) { remote->insert_last(remote, current); } + selected->destroy(selected); + received->destroy(received); } enumerator->destroy(enumerator); if (orig) @@ -125,7 +131,8 @@ METHOD(listener_t, narrow, bool, narrow_pre(remote); break; case NARROW_INITIATOR_POST_AUTH: - narrow_initiator(this, ike_sa, remote); + narrow_initiator(this, ike_sa, + child_sa->get_config(child_sa), remote); break; case NARROW_RESPONDER: narrow_pre(local); |