1 files changed, 31 insertions, 2 deletions

diff --git a/src/libstrongswan/selectors/traffic_selector.c b/src/libstrongswan/selectors/traffic_selector.c
index 12f160224..00c78a91b 100644
--- a/src/libstrongswan/selectors/traffic_selector.c
+++ b/src/libstrongswan/selectors/traffic_selector.c
@@ -199,6 +199,14 @@ static int print_icmp(printf_hook_data_t *data, uint16_t port)
 }
 
 /**
+ * Print GRE key
+ */
+static int print_grekey(printf_hook_data_t *data, uint16_t from_port, uint16_t to_port)
+{
+	return print_in_hook(data, "%d", traffic_selector_grekey(from_port, to_port));
+}
+
+/**
  * Described in header.
  */
 int traffic_selector_printf_hook(printf_hook_data_t *data,
@@ -302,7 +310,11 @@ int traffic_selector_printf_hook(printf_hook_data_t *data,
 	/* build port string */
 	if (has_ports)
 	{
-		if (this->from_port == this->to_port)
+		if (this->protocol == IPPROTO_GRE)
+		{
+			written += print_grekey(data, this->from_port, this->to_port);
+		}
+		else if (this->from_port == this->to_port)
 		{
 			struct servent *serv;
 
@@ -376,7 +388,24 @@ METHOD(traffic_selector_t, get_subset, traffic_selector_t*,
 	/* select protocol, which is not zero */
 	protocol = max(this->protocol, other->protocol);
 
-	if ((is_opaque(this) && is_opaque(other)) ||
+	if (this->protocol == IPPROTO_GRE)
+	{
+		if (is_any(this))
+		{
+			from_port = other->from_port;
+			to_port = other->to_port;
+		}
+		else if (is_any(other) ||
+			 (this->from_port == other->from_port &&
+			  this->to_port == other->to_port))
+		{
+			from_port = this->from_port;
+			to_port = this->to_port;
+		}
+		else
+			return NULL;
+	}
+	else if ((is_opaque(this) && is_opaque(other)) ||
 		(is_opaque(this) && is_any(other)) ||
 		(is_opaque(other) && is_any(this)))
 	{