From b4872c1e0963010525ff24c9562e26097fdd0d1b Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Mon, 19 Jul 2010 11:25:47 +0200
Subject: Replaced the protocol argument in add_policy with an optional SPI for
 an AH SA.

---
 src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c')

diff --git a/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c b/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c
index 166df54fe..f0a9e5504 100644
--- a/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c
+++ b/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c
@@ -1969,7 +1969,7 @@ METHOD(kernel_ipsec_t, del_sa, status_t,
 METHOD(kernel_ipsec_t, add_policy, status_t,
 	private_kernel_klips_ipsec_t *this, host_t *src, host_t *dst,
 	traffic_selector_t *src_ts, traffic_selector_t *dst_ts,
-	policy_dir_t direction, u_int32_t spi, u_int8_t protocol,
+	policy_dir_t direction, u_int32_t spi, u_int32_t ah_spi,
 	u_int32_t reqid, mark_t mark, ipsec_mode_t mode, u_int16_t ipcomp,
 	u_int16_t cpi, bool routed)
 {
@@ -1987,7 +1987,7 @@ METHOD(kernel_ipsec_t, add_policy, status_t,
 
 	/* tunnel mode policies direct the packets into the pseudo IPIP SA */
 	satype = (mode == MODE_TUNNEL) ? SADB_X_SATYPE_IPIP :
-									 proto2satype(protocol);
+									 proto2satype(spi ? IPPROTO_ESP : IPPROTO_AH);
 
 	/* create a policy */
 	policy = create_policy_entry(src_ts, dst_ts, direction);
-- 
cgit v1.2.3