From a9f14ada34554bc42b819f8196899a002bade27b Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Wed, 10 Jul 2013 10:56:08 +0200 Subject: kernel-pfkey: Correctly handle IPSEC_PROTO_ANY in an acquire --- src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c') diff --git a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c index d975f15b9..dd9d354b1 100644 --- a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c +++ b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c @@ -981,6 +981,10 @@ static traffic_selector_t* sadb_address2ts(struct sadb_address *address) { traffic_selector_t *ts; host_t *host; + u_int8_t proto; + + proto = address->sadb_address_proto; + proto = proto == IPSEC_PROTO_ANY ? 0 : proto; /* The Linux 2.6 kernel does not set the protocol and port information * in the src and dst sadb_address extensions of the SADB_ACQUIRE message. @@ -988,8 +992,7 @@ static traffic_selector_t* sadb_address2ts(struct sadb_address *address) host = host_create_from_sockaddr((sockaddr_t*)&address[1]); ts = traffic_selector_create_from_subnet(host, address->sadb_address_prefixlen, - address->sadb_address_proto, - host->get_port(host), + proto, host->get_port(host), host->get_port(host) ?: 65535); return ts; } -- cgit v1.2.3