aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c7
-rw-r--r--src/libhydra/kernel/kernel_interface.h2
2 files changed, 9 insertions, 0 deletions
diff --git a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c
index 45b34062d..e304d955d 100644
--- a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c
+++ b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c
@@ -223,6 +223,12 @@ static void expire(u_int32_t reqid, u_int8_t protocol, u_int32_t spi, bool hard)
spi, hard);
}
+METHOD(kernel_ipsec_t, get_features, kernel_feature_t,
+ private_kernel_libipsec_ipsec_t *this)
+{
+ return KERNEL_REQUIRE_UDP_ENCAPSULATION;
+}
+
METHOD(kernel_ipsec_t, get_spi, status_t,
private_kernel_libipsec_ipsec_t *this, host_t *src, host_t *dst,
u_int8_t protocol, u_int32_t reqid, u_int32_t *spi)
@@ -628,6 +634,7 @@ kernel_libipsec_ipsec_t *kernel_libipsec_ipsec_create()
INIT(this,
.public = {
.interface = {
+ .get_features = _get_features,
.get_spi = _get_spi,
.get_cpi = _get_cpi,
.add_sa = _add_sa,
diff --git a/src/libhydra/kernel/kernel_interface.h b/src/libhydra/kernel/kernel_interface.h
index 2e8a4c082..f73578167 100644
--- a/src/libhydra/kernel/kernel_interface.h
+++ b/src/libhydra/kernel/kernel_interface.h
@@ -67,6 +67,8 @@ enum kernel_feature_t {
KERNEL_ESP_V3_TFC = (1<<0),
/** Networking requires an "exclude" route for IKE/ESP packets */
KERNEL_REQUIRE_EXCLUDE_ROUTE = (1<<1),
+ /** IPsec implementation requires UDP encapsulation of ESP packets */
+ KERNEL_REQUIRE_UDP_ENCAPSULATION = (1<<2),
};
/**
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-18 21:09:51 +0000