Merge tag 'upstream/5.1.1'

Upstream version 5.1.1
author: Yves-Alexis Perez <corsac@debian.org> 2013-11-01 13:32:07 +0100
committer: Yves-Alexis Perez <corsac@debian.org> 2013-11-01 13:32:07 +0100
commit: a54780509260a8cb6f0344f531da168b34410dd5 (patch)
tree: 477239a312679174252f39f7a80bc8bf33836d9a /src/libcharon/plugins/stroke/stroke_control.c
parent: 6e50941f7ce9c6f2d6888412968c7f4ffb495379 (diff)
parent: 5313d2d78ca150515f7f5eb39801c100690b6b29 (diff)
download: vyos-strongswan-a54780509260a8cb6f0344f531da168b34410dd5.tar.gz
vyos-strongswan-a54780509260a8cb6f0344f531da168b34410dd5.zip
1 files changed, 45 insertions, 1 deletions
diff --git a/src/libcharon/plugins/stroke/stroke_control.c b/src/libcharon/plugins/stroke/stroke_control.c
index fdd1635a6..b583bfc53 100644
--- a/src/libcharon/plugins/stroke/stroke_control.c
+++ b/src/libcharon/plugins/stroke/stroke_control.c
@@ -1,4 +1,5 @@
 /*
+ * Copyright (C) 2013 Tobias Brunner
  * Copyright (C) 2008 Martin Willi
  * Hochschule fuer Technik Rapperswil
  *
@@ -580,12 +581,54 @@ METHOD(stroke_control_t, purge_ike, void,
 }
 
 /**
+ * Find an existing CHILD_SA/reqid
+ */
+static u_int32_t find_reqid(child_cfg_t *child_cfg)
+{
+	enumerator_t *enumerator, *children;
+	child_sa_t *child_sa;
+	ike_sa_t *ike_sa;
+	char *name;
+	u_int32_t reqid;
+
+	reqid = charon->traps->find_reqid(charon->traps, child_cfg);
+	if (reqid)
+	{	/* already trapped */
+		return reqid;
+	}
+
+	name = child_cfg->get_name(child_cfg);
+	enumerator = charon->controller->create_ike_sa_enumerator(
+													charon->controller, TRUE);
+	while (enumerator->enumerate(enumerator, &ike_sa))
+	{
+		children = ike_sa->create_child_sa_enumerator(ike_sa);
+		while (children->enumerate(children, (void**)&child_sa))
+		{
+			if (streq(name, child_sa->get_name(child_sa)))
+			{
+				reqid = child_sa->get_reqid(child_sa);
+				break;
+			}
+		}
+		children->destroy(children);
+		if (reqid)
+		{
+			break;
+		}
+	}
+	enumerator->destroy(enumerator);
+	return reqid;
+}
+
+/**
  * call charon to install a shunt or trap
  */
 static void charon_route(peer_cfg_t *peer_cfg, child_cfg_t *child_cfg,
 						 char *name, FILE *out)
 {
 	ipsec_mode_t mode;
+	u_int32_t reqid;
 
 	mode = child_cfg->get_mode(child_cfg);
 	if (mode == MODE_PASS || mode == MODE_DROP)
@@ -603,7 +646,8 @@ static void charon_route(peer_cfg_t *peer_cfg, child_cfg_t *child_cfg,
 	}
 	else
 	{
-		if (charon->traps->install(charon->traps, peer_cfg, child_cfg, 0))
+		reqid = find_reqid(child_cfg);
+		if (charon->traps->install(charon->traps, peer_cfg, child_cfg, reqid))
 		{
 			fprintf(out, "'%s' routed\n", name);
 		}
author	Yves-Alexis Perez <corsac@debian.org>	2013-11-01 13:32:07 +0100
committer	Yves-Alexis Perez <corsac@debian.org>	2013-11-01 13:32:07 +0100
commit	a54780509260a8cb6f0344f531da168b34410dd5 (patch)
tree	477239a312679174252f39f7a80bc8bf33836d9a /src/libcharon/plugins/stroke/stroke_control.c
parent	6e50941f7ce9c6f2d6888412968c7f4ffb495379 (diff)
parent	5313d2d78ca150515f7f5eb39801c100690b6b29 (diff)
download	vyos-strongswan-a54780509260a8cb6f0344f531da168b34410dd5.tar.gz vyos-strongswan-a54780509260a8cb6f0344f531da168b34410dd5.zip