aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c')
-rw-r--r--src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
index b2ccbe041..1d5e3b2bd 100644
--- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
+++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
@@ -1369,6 +1369,11 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
default:
break;
}
+ if (id->proto == IPPROTO_AH && sa->family == AF_INET)
+ { /* use alignment to 4 bytes for IPv4 instead of the incorrect 8 byte
+ * alignment that's used by default but is only valid for IPv6 */
+ sa->flags |= XFRM_STATE_ALIGN4;
+ }
sa->reqid = data->reqid;
sa->lft.soft_byte_limit = XFRM_LIMIT(data->lifetime->bytes.rekey);
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-18 09:57:27 +0000