diff options
| -rw-r--r-- | conf/Makefile.am | 1 | ||||
| -rw-r--r-- | conf/plugins/kernel-pfkey.opt | 7 | ||||
| -rw-r--r-- | src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c | 13 |
3 files changed, 21 insertions, 0 deletions
diff --git a/conf/Makefile.am b/conf/Makefile.am index c6f8741cd..f10af25a2 100644 --- a/conf/Makefile.am +++ b/conf/Makefile.am @@ -64,6 +64,7 @@ plugins = \ plugins/led.opt \ plugins/kernel-libipsec.opt \ plugins/kernel-netlink.opt \ + plugins/kernel-pfkey.opt \ plugins/kernel-pfroute.opt \ plugins/load-tester.opt \ plugins/lookip.opt \ diff --git a/conf/plugins/kernel-pfkey.opt b/conf/plugins/kernel-pfkey.opt new file mode 100644 index 000000000..ec05215d3 --- /dev/null +++ b/conf/plugins/kernel-pfkey.opt @@ -0,0 +1,7 @@ +charon.plugins.kernel-pfkey.events_buffer_size = 0 + Size of the receive buffer for the event socket (0 for default size). + + Size of the receive buffer for the event socket (0 for default size). + Because events are received asynchronously installing e.g. lots of policies + may require a larger buffer than the default on certain platforms in order + to receive all messages. diff --git a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c index 8b893f485..423b57e31 100644 --- a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c +++ b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c @@ -2988,6 +2988,7 @@ kernel_pfkey_ipsec_t *kernel_pfkey_ipsec_create() { private_kernel_pfkey_ipsec_t *this; bool register_for_events = TRUE; + int rcv_buffer; INIT(this, .public = { @@ -3044,6 +3045,18 @@ kernel_pfkey_ipsec_t *kernel_pfkey_ipsec_create() return NULL; } + rcv_buffer = lib->settings->get_int(lib->settings, + "%s.plugins.kernel-pfkey.events_buffer_size", 0, lib->ns); + if (rcv_buffer > 0) + { + if (setsockopt(this->socket_events, SOL_SOCKET, SO_RCVBUF, + &rcv_buffer, sizeof(rcv_buffer)) == -1) + { + DBG1(DBG_KNL, "unable to set receive buffer size on PF_KEY " + "event socket: %s", strerror(errno)); + } + } + /* register the event socket */ if (register_pfkey_socket(this, SADB_SATYPE_ESP) != SUCCESS || register_pfkey_socket(this, SADB_SATYPE_AH) != SUCCESS) |