From 6101ee9b063032cc72f95bca3d28561c4ab61ac5 Mon Sep 17 00:00:00 2001 From: Andreas Steffen Date: Sat, 16 Jul 2011 11:09:38 +0200 Subject: added log and status output for ESN --- src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c') diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c index a1c0d8407..333b2d0bd 100644 --- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c +++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c @@ -254,7 +254,8 @@ struct private_kernel_netlink_ipsec_t { mutex_t *mutex; /** - * Hash table of installed policies (policy_entry_t) + * Hash table of installed policies (policy_entry_t) DBG2(DBG_KNL, " using extended sequence numbers (ESN)"); + */ hashtable_t *policies; @@ -1414,10 +1415,13 @@ METHOD(kernel_ipsec_t, add_sa, status_t, /* bmp_len contains number uf __u32's */ replay->bmp_len = this->replay_bmp; replay->replay_window = this->replay_window; + DBG2(DBG_KNL, " using replay window of %u bytes", + this->replay_window); rthdr = XFRM_RTA_NEXT(rthdr); if (esn) { + DBG2(DBG_KNL, " using extended sequence numbers (ESN)"); sa->flags |= XFRM_STATE_ESN; } } -- cgit v1.2.3