From 85b238887d01c030a7d9240db2031601211a6283 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Thu, 13 Nov 2014 15:26:10 +0100 Subject: child-sa: Replace reqid based marks by "unique" marks As we now use the same reqid for multiple CHILD_SAs with the same selectors, having marks based on the reqid makes not that much sense anymore. Instead we use unique marks that use a custom identifier. This identifier is reused during rekeying, keeping the marks constant for any rule relying on it (for example installed by updown). This also simplifies handling of reqid allocation, as we do not have to query the marks that is not yet assigned for an unknown reqid. --- src/libcharon/plugins/ha/ha_dispatcher.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src/libcharon/plugins/ha/ha_dispatcher.c') diff --git a/src/libcharon/plugins/ha/ha_dispatcher.c b/src/libcharon/plugins/ha/ha_dispatcher.c index e20e872c1..6e02733f9 100644 --- a/src/libcharon/plugins/ha/ha_dispatcher.c +++ b/src/libcharon/plugins/ha/ha_dispatcher.c @@ -718,7 +718,8 @@ static void process_child_add(private_ha_dispatcher_t *this, child_sa = child_sa_create(ike_sa->get_my_host(ike_sa), ike_sa->get_other_host(ike_sa), config, 0, - ike_sa->has_condition(ike_sa, COND_NAT_ANY)); + ike_sa->has_condition(ike_sa, COND_NAT_ANY), + 0, 0); child_sa->set_mode(child_sa, mode); child_sa->set_protocol(child_sa, PROTO_ESP); child_sa->set_ipcomp(child_sa, ipcomp); -- cgit v1.2.3 From 246c969d8bc98194c300989d545d8fa40e246399 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Tue, 28 Oct 2014 10:54:38 +0100 Subject: ike: Consistently log CHILD_SAs with their unique_id instead of their reqid --- src/libcharon/plugins/ha/ha_dispatcher.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/libcharon/plugins/ha/ha_dispatcher.c') diff --git a/src/libcharon/plugins/ha/ha_dispatcher.c b/src/libcharon/plugins/ha/ha_dispatcher.c index 6e02733f9..983f9d8fc 100644 --- a/src/libcharon/plugins/ha/ha_dispatcher.c +++ b/src/libcharon/plugins/ha/ha_dispatcher.c @@ -836,7 +836,7 @@ static void process_child_add(private_ha_dispatcher_t *this, DBG1(DBG_CFG, "installed HA CHILD_SA %s{%d} %#R=== %#R " "(segment in: %d%s, out: %d%s)", child_sa->get_name(child_sa), - child_sa->get_reqid(child_sa), local_ts, remote_ts, + child_sa->get_unique_id(child_sa), local_ts, remote_ts, seg_i, this->segments->is_active(this->segments, seg_i) ? "*" : "", seg_o, this->segments->is_active(this->segments, seg_o) ? "*" : ""); child_sa->add_policies(child_sa, local_ts, remote_ts); -- cgit v1.2.3