aboutsummaryrefslogtreecommitdiffstats
path: root/src/libhydra/kernel
diff options
context:
space:
mode:
Diffstat (limited to 'src/libhydra/kernel')
-rw-r--r--src/libhydra/kernel/kernel_interface.c4
-rw-r--r--src/libhydra/kernel/kernel_interface.h6
-rw-r--r--src/libhydra/kernel/kernel_ipsec.h6
3 files changed, 8 insertions, 8 deletions
diff --git a/src/libhydra/kernel/kernel_interface.c b/src/libhydra/kernel/kernel_interface.c
index 77eaf68c4..bc9960509 100644
--- a/src/libhydra/kernel/kernel_interface.c
+++ b/src/libhydra/kernel/kernel_interface.c
@@ -131,7 +131,7 @@ METHOD(kernel_interface_t, del_sa, status_t,
METHOD(kernel_interface_t, add_policy, status_t,
private_kernel_interface_t *this, host_t *src, host_t *dst,
traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
- policy_dir_t direction, u_int32_t spi, u_int8_t protocol,
+ policy_dir_t direction, u_int32_t spi, u_int32_t ah_spi,
u_int32_t reqid, mark_t mark, ipsec_mode_t mode, u_int16_t ipcomp,
u_int16_t cpi, bool routed)
{
@@ -140,7 +140,7 @@ METHOD(kernel_interface_t, add_policy, status_t,
return NOT_SUPPORTED;
}
return this->ipsec->add_policy(this->ipsec, src, dst, src_ts, dst_ts,
- direction, spi, protocol, reqid, mark, mode, ipcomp, cpi, routed);
+ direction, spi, ah_spi, reqid, mark, mode, ipcomp, cpi, routed);
}
METHOD(kernel_interface_t, query_policy, status_t,
diff --git a/src/libhydra/kernel/kernel_interface.h b/src/libhydra/kernel/kernel_interface.h
index ec1f561cc..c3c3764c4 100644
--- a/src/libhydra/kernel/kernel_interface.h
+++ b/src/libhydra/kernel/kernel_interface.h
@@ -183,8 +183,8 @@ struct kernel_interface_t {
* @param src_ts traffic selector to match traffic source
* @param dst_ts traffic selector to match traffic dest
* @param direction direction of traffic, POLICY_(IN|OUT|FWD)
- * @param spi SPI of SA
- * @param protocol protocol to use to protect traffic (AH/ESP)
+ * @param spi SPI of optional ESP SA
+ * @param ah_spi SPI of optional AH SA
* @param reqid unique ID of an SA to use to enforce policy
* @param mark mark for this policy
* @param mode mode of SA (tunnel, transport)
@@ -198,7 +198,7 @@ struct kernel_interface_t {
traffic_selector_t *src_ts,
traffic_selector_t *dst_ts,
policy_dir_t direction, u_int32_t spi,
- u_int8_t protocol, u_int32_t reqid,
+ u_int32_t ah_spi, u_int32_t reqid,
mark_t mark, ipsec_mode_t mode, u_int16_t ipcomp,
u_int16_t cpi, bool routed);
diff --git a/src/libhydra/kernel/kernel_ipsec.h b/src/libhydra/kernel/kernel_ipsec.h
index ad3f64c5d..1a7f7b44d 100644
--- a/src/libhydra/kernel/kernel_ipsec.h
+++ b/src/libhydra/kernel/kernel_ipsec.h
@@ -258,8 +258,8 @@ struct kernel_ipsec_t {
* @param src_ts traffic selector to match traffic source
* @param dst_ts traffic selector to match traffic dest
* @param direction direction of traffic, POLICY_(IN|OUT|FWD)
- * @param spi SPI of SA
- * @param protocol protocol to use to protect traffic (AH/ESP)
+ * @param spi SPI of optional ESP SA
+ * @param ah_spi SPI of optional AH SA
* @param reqid unique ID of an SA to use to enforce policy
* @param mark mark for this policy
* @param mode mode of SA (tunnel, transport)
@@ -273,7 +273,7 @@ struct kernel_ipsec_t {
traffic_selector_t *src_ts,
traffic_selector_t *dst_ts,
policy_dir_t direction, u_int32_t spi,
- u_int8_t protocol, u_int32_t reqid,
+ u_int32_t ah_spi, u_int32_t reqid,
mark_t mark, ipsec_mode_t mode,
u_int16_t ipcomp, u_int16_t cpi, bool routed);
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-21 09:10:48 +0000