From 1087b9cebbc41c0e15c783c95875d8783544e1ce Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Thu, 27 Aug 2009 16:07:30 +0200 Subject: Set the packet and byte limits in the netlink and pfkey kernel interfaces. --- src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c') diff --git a/src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c index a37a1b01f..4eff8e259 100644 --- a/src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c +++ b/src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c @@ -1287,13 +1287,19 @@ static status_t add_sa(private_kernel_pfkey_ipsec_t *this, lft = (struct sadb_lifetime*)PFKEY_EXT_ADD_NEXT(msg); lft->sadb_lifetime_exttype = SADB_EXT_LIFETIME_SOFT; lft->sadb_lifetime_len = PFKEY_LEN(sizeof(struct sadb_lifetime)); + lft->sadb_lifetime_allocations = lifetime->rekey_packets; + lft->sadb_lifetime_bytes = lifetime->rekey_bytes; lft->sadb_lifetime_addtime = lifetime->rekey_time; + lft->sadb_lifetime_usetime = 0; /* we only use addtime */ PFKEY_EXT_ADD(msg, lft); lft = (struct sadb_lifetime*)PFKEY_EXT_ADD_NEXT(msg); lft->sadb_lifetime_exttype = SADB_EXT_LIFETIME_HARD; lft->sadb_lifetime_len = PFKEY_LEN(sizeof(struct sadb_lifetime)); + lft->sadb_lifetime_allocations = lifetime->life_packets; + lft->sadb_lifetime_bytes = lifetime->life_bytes; lft->sadb_lifetime_addtime = lifetime->life_time; + lft->sadb_lifetime_usetime = 0; /* we only use addtime */ PFKEY_EXT_ADD(msg, lft); if (enc_alg != ENCR_UNDEFINED) -- cgit v1.2.3