summaryrefslogtreecommitdiff
path: root/src/charon/sa/child_sa.c
diff options
context:
space:
mode:
authorRene Mayrhofer <rene@mayrhofer.eu.org>2008-10-29 11:11:01 +0000
committerRene Mayrhofer <rene@mayrhofer.eu.org>2008-10-29 11:11:01 +0000
commit8b80ab5a6950ce6515f477624794defd7531642a (patch)
treeaa8303f3806c5615fbeafc4dc82febe3cd7c24dc /src/charon/sa/child_sa.c
parentdb67c87db3c9089ea8d2e14f617bf3d9e2af261f (diff)
downloadvyos-strongswan-8b80ab5a6950ce6515f477624794defd7531642a.tar.gz
vyos-strongswan-8b80ab5a6950ce6515f477624794defd7531642a.zip
[svn-upgrade] Integrating new upstream version, strongswan (4.2.8)
Diffstat (limited to 'src/charon/sa/child_sa.c')
-rw-r--r--src/charon/sa/child_sa.c50
1 files changed, 34 insertions, 16 deletions
diff --git a/src/charon/sa/child_sa.c b/src/charon/sa/child_sa.c
index 2a6b6f67c..7c4b398cf 100644
--- a/src/charon/sa/child_sa.c
+++ b/src/charon/sa/child_sa.c
@@ -15,7 +15,7 @@
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*
- * $Id: child_sa.c 3920 2008-05-08 16:19:11Z tobias $
+ * $Id: child_sa.c 4358 2008-09-25 13:56:23Z tobias $
*/
#define _GNU_SOURCE
@@ -163,7 +163,7 @@ struct private_child_sa_t {
/**
* mode this SA uses, tunnel/transport
*/
- mode_t mode;
+ ipsec_mode_t mode;
/**
* virtual IP assinged to local host
@@ -210,6 +210,18 @@ u_int32_t get_spi(private_child_sa_t *this, bool inbound)
}
/**
+ * Implements child_sa_t.get_cpi
+ */
+u_int16_t get_cpi(private_child_sa_t *this, bool inbound)
+{
+ if (inbound)
+ {
+ return this->me.cpi;
+ }
+ return this->other.cpi;
+}
+
+/**
* Implements child_sa_t.get_protocol
*/
protocol_id_t get_protocol(private_child_sa_t *this)
@@ -236,7 +248,7 @@ static child_cfg_t* get_config(private_child_sa_t *this)
/**
* Implementation of child_sa_t.get_stats.
*/
-static void get_stats(private_child_sa_t *this, mode_t *mode,
+static void get_stats(private_child_sa_t *this, ipsec_mode_t *mode,
encryption_algorithm_t *encr_algo, size_t *encr_len,
integrity_algorithm_t *int_algo, size_t *int_len,
u_int32_t *rekey, u_int32_t *use_in, u_int32_t *use_out,
@@ -514,7 +526,7 @@ static status_t alloc(private_child_sa_t *this, linked_list_t *proposals)
}
static status_t install(private_child_sa_t *this, proposal_t *proposal,
- mode_t mode, prf_plus_t *prf_plus, bool mine)
+ ipsec_mode_t mode, prf_plus_t *prf_plus, bool mine)
{
u_int32_t spi, soft, hard;
host_t *src;
@@ -605,7 +617,7 @@ static status_t install(private_child_sa_t *this, proposal_t *proposal,
}
static status_t add(private_child_sa_t *this, proposal_t *proposal,
- mode_t mode, prf_plus_t *prf_plus)
+ ipsec_mode_t mode, prf_plus_t *prf_plus)
{
u_int32_t outbound_spi, inbound_spi;
@@ -637,7 +649,7 @@ static status_t add(private_child_sa_t *this, proposal_t *proposal,
}
static status_t update(private_child_sa_t *this, proposal_t *proposal,
- mode_t mode, prf_plus_t *prf_plus)
+ ipsec_mode_t mode, prf_plus_t *prf_plus)
{
u_int32_t inbound_spi;
@@ -662,14 +674,19 @@ static status_t update(private_child_sa_t *this, proposal_t *proposal,
}
static status_t add_policies(private_child_sa_t *this,
- linked_list_t *my_ts_list,
- linked_list_t *other_ts_list, mode_t mode)
+ linked_list_t *my_ts_list, linked_list_t *other_ts_list,
+ ipsec_mode_t mode, protocol_id_t proto)
{
iterator_t *my_iter, *other_iter;
traffic_selector_t *my_ts, *other_ts;
/* use low prio for ROUTED policies */
bool high_prio = (this->state != CHILD_CREATED);
+ if (this->protocol == PROTO_NONE)
+ { /* update if not set yet */
+ this->protocol = proto;
+ }
+
/* iterate over both lists */
my_iter = my_ts_list->create_iterator(my_ts_list, TRUE);
other_iter = other_ts_list->create_iterator(other_ts_list, TRUE);
@@ -919,9 +936,9 @@ static void activate_ipcomp(private_child_sa_t *this, ipcomp_transform_t ipcomp,
}
/**
- * Implementation of child_sa_t.get_my_cpi.
+ * Implementation of child_sa_t.allocate_cpi.
*/
-static u_int16_t get_my_cpi(private_child_sa_t *this)
+static u_int16_t allocate_cpi(private_child_sa_t *this)
{
if (!this->cpi_allocated)
{
@@ -968,7 +985,7 @@ static void destroy(private_child_sa_t *this)
if (this->me.cpi)
{
charon->kernel_interface->del_sa(charon->kernel_interface,
- this->other.addr, htonl(ntohs(this->me.cpi)), IPPROTO_COMP);
+ this->me.addr, htonl(ntohs(this->me.cpi)), IPPROTO_COMP);
}
if (this->other.cpi)
{
@@ -1023,20 +1040,21 @@ child_sa_t * child_sa_create(host_t *me, host_t* other,
this->public.get_name = (char*(*)(child_sa_t*))get_name;
this->public.get_reqid = (u_int32_t(*)(child_sa_t*))get_reqid;
this->public.get_spi = (u_int32_t(*)(child_sa_t*, bool))get_spi;
+ this->public.get_cpi = (u_int16_t(*)(child_sa_t*, bool))get_cpi;
this->public.get_protocol = (protocol_id_t(*)(child_sa_t*))get_protocol;
- this->public.get_stats = (void(*)(child_sa_t*, mode_t*,encryption_algorithm_t*,size_t*,integrity_algorithm_t*,size_t*,u_int32_t*,u_int32_t*,u_int32_t*,u_int32_t*))get_stats;
+ this->public.get_stats = (void(*)(child_sa_t*, ipsec_mode_t*,encryption_algorithm_t*,size_t*,integrity_algorithm_t*,size_t*,u_int32_t*,u_int32_t*,u_int32_t*,u_int32_t*))get_stats;
this->public.alloc = (status_t(*)(child_sa_t*,linked_list_t*))alloc;
- this->public.add = (status_t(*)(child_sa_t*,proposal_t*,mode_t,prf_plus_t*))add;
- this->public.update = (status_t(*)(child_sa_t*,proposal_t*,mode_t,prf_plus_t*))update;
+ this->public.add = (status_t(*)(child_sa_t*,proposal_t*,ipsec_mode_t,prf_plus_t*))add;
+ this->public.update = (status_t(*)(child_sa_t*,proposal_t*,ipsec_mode_t,prf_plus_t*))update;
this->public.update_hosts = (status_t (*)(child_sa_t*,host_t*,host_t*,bool))update_hosts;
- this->public.add_policies = (status_t (*)(child_sa_t*, linked_list_t*,linked_list_t*,mode_t))add_policies;
+ this->public.add_policies = (status_t (*)(child_sa_t*, linked_list_t*,linked_list_t*,ipsec_mode_t,protocol_id_t))add_policies;
this->public.get_traffic_selectors = (linked_list_t*(*)(child_sa_t*,bool))get_traffic_selectors;
this->public.get_use_time = (status_t (*)(child_sa_t*,bool,time_t*))get_use_time;
this->public.set_state = (void(*)(child_sa_t*,child_sa_state_t))set_state;
this->public.get_state = (child_sa_state_t(*)(child_sa_t*))get_state;
this->public.get_config = (child_cfg_t*(*)(child_sa_t*))get_config;
this->public.activate_ipcomp = (void(*)(child_sa_t*,ipcomp_transform_t,u_int16_t))activate_ipcomp;
- this->public.get_my_cpi = (u_int16_t(*)(child_sa_t*))get_my_cpi;
+ this->public.allocate_cpi = (u_int16_t(*)(child_sa_t*))allocate_cpi;
this->public.set_virtual_ip = (void(*)(child_sa_t*,host_t*))set_virtual_ip;
this->public.destroy = (void(*)(child_sa_t*))destroy;