aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/plugins/kernel_netlink
diff options
context:
space:
mode:
Diffstat (limited to 'src/charon/plugins/kernel_netlink')
-rw-r--r--src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c10
1 files changed, 7 insertions, 3 deletions
diff --git a/src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c
index d0c9b721b..6832222a4 100644
--- a/src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c
+++ b/src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c
@@ -1756,6 +1756,7 @@ static bool add_bypass_policies()
{
int fd, family, port;
enumerator_t *sockets;
+ bool status = TRUE;
/* we open an AF_KEY socket to autoload the af_key module. Otherwise
* setsockopt(IPSEC_POLICY) won't work. */
@@ -1797,17 +1798,20 @@ static bool add_bypass_policies()
{
DBG1(DBG_KNL, "unable to set IPSEC_POLICY on socket: %s",
strerror(errno));
- return FALSE;
+ status = FALSE;
+ break;
}
policy.sadb_x_policy_dir = IPSEC_DIR_INBOUND;
if (setsockopt(fd, sol, ipsec_policy, &policy, sizeof(policy)) < 0)
{
DBG1(DBG_KNL, "unable to set IPSEC_POLICY on socket: %s",
strerror(errno));
- return FALSE;
+ status = FALSE;
+ break;
}
}
- return TRUE;
+ sockets->destroy(sockets);
+ return status;
}
/*
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-22 11:27:56 +0000