From 30c009c2fea0a51d3e899ce64418ba4e3e7b3865 Mon Sep 17 00:00:00 2001
From: Martin Willi <martin@revosec.ch>
Date: Mon, 16 Jun 2014 17:31:43 +0200
Subject: kernel-interface: Add a replay_window parameter to add_sa()

---
 src/libhydra/kernel/kernel_ipsec.h | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'src/libhydra/kernel/kernel_ipsec.h')

diff --git a/src/libhydra/kernel/kernel_ipsec.h b/src/libhydra/kernel/kernel_ipsec.h
index 25f5b38fd..eec7401e9 100644
--- a/src/libhydra/kernel/kernel_ipsec.h
+++ b/src/libhydra/kernel/kernel_ipsec.h
@@ -101,6 +101,7 @@ struct kernel_ipsec_t {
 	 * @param mode			mode of the SA (tunnel, transport)
 	 * @param ipcomp		IPComp transform to use
 	 * @param cpi			CPI for IPComp
+	 * @param replay_window	anti-replay window size
 	 * @param initiator		TRUE if initiator of the exchange creating this SA
 	 * @param encap			enable UDP encapsulation for NAT traversal
 	 * @param esn			TRUE to use Extended Sequence Numbers
@@ -116,6 +117,7 @@ struct kernel_ipsec_t {
 						u_int16_t enc_alg, chunk_t enc_key,
 						u_int16_t int_alg, chunk_t int_key,
 						ipsec_mode_t mode, u_int16_t ipcomp, u_int16_t cpi,
+						u_int32_t replay_window,
 						bool initiator, bool encap, bool esn, bool inbound,
 						traffic_selector_t *src_ts, traffic_selector_t *dst_ts);
 
-- 
cgit v1.2.3