From f5ddda7f5769d8ab46ab5959bb0c9847982d7054 Mon Sep 17 00:00:00 2001
From: Martin Willi <martin@revosec.ch>
Date: Thu, 5 Dec 2013 14:29:05 +0100
Subject: kernel-wfp: Register a WFP provider to manage IPsec tunnels

---
 .../plugins/kernel_wfp/kernel_wfp_ipsec.c          | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

(limited to 'src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c')

diff --git a/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c b/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c
index 0910efc9b..dd77b3a7c 100644
--- a/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c
+++ b/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c
@@ -58,6 +58,11 @@ struct private_kernel_wfp_ipsec_t {
 	 * WFP session handle
 	 */
 	HANDLE handle;
+
+	/**
+	 * Provider charon registers as
+	 */
+	FWPM_PROVIDER0 provider;
 };
 
 /**
@@ -1182,6 +1187,7 @@ METHOD(kernel_ipsec_t, destroy, void,
 {
 	if (this->handle)
 	{
+		FwpmProviderDeleteByKey0(this->handle, &this->provider.providerKey);
 		FwpmEngineClose0(this->handle);
 	}
 	this->entries->destroy(this->entries);
@@ -1224,6 +1230,14 @@ kernel_wfp_ipsec_t *kernel_wfp_ipsec_create()
 				.destroy = _destroy,
 			},
 		},
+		.provider = {
+			.displayData = {
+				.name = L"charon",
+				.description = L"strongSwan IKE kernel-wfp backend",
+			},
+			.providerKey = { 0x59cdae2e, 0xf6bb, 0x4c09,
+							{ 0xa9,0x59,0x9d,0x91,0xac,0xaf,0xf9,0x19 }},
+		},
 		.nextspi = htonl(0xc0000001),
 		.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
 		.entries = hashtable_create(hashtable_hash_ptr,
@@ -1240,5 +1254,13 @@ kernel_wfp_ipsec_t *kernel_wfp_ipsec_create()
 		return NULL;
 	}
 
+	res = FwpmProviderAdd0(this->handle, &this->provider, NULL);
+	if (res != ERROR_SUCCESS && res != FWP_E_ALREADY_EXISTS)
+	{
+		DBG1(DBG_KNL, "registering WFP provider failed: 0x%08x", res);
+		destroy(this);
+		return NULL;
+	}
+
 	return &this->public;
 }
-- 
cgit v1.2.3