diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2013-08-25 15:37:26 +0200 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2013-08-25 15:37:26 +0200 |
| commit | 6b99c8d9cff7b3e8ae8f3204b99e7ea40f791349 (patch) | |
| tree | 009fc492961e13860d2a4bc2de8caf2bbe2975e7 /src/libcharon/plugins/unity/unity_narrow.c | |
| parent | c83921a2b566aa9d55d8ccc7258f04fca6292ee6 (diff) | |
| download | vyos-strongswan-6b99c8d9cff7b3e8ae8f3204b99e7ea40f791349.tar.gz vyos-strongswan-6b99c8d9cff7b3e8ae8f3204b99e7ea40f791349.zip | |
Imported Upstream version 5.1.0
Diffstat (limited to 'src/libcharon/plugins/unity/unity_narrow.c')
| -rw-r--r-- | src/libcharon/plugins/unity/unity_narrow.c | 43 |
1 files changed, 32 insertions, 11 deletions
diff --git a/src/libcharon/plugins/unity/unity_narrow.c b/src/libcharon/plugins/unity/unity_narrow.c index 56de0028f..edff51a08 100644 --- a/src/libcharon/plugins/unity/unity_narrow.c +++ b/src/libcharon/plugins/unity/unity_narrow.c @@ -36,13 +36,32 @@ struct private_unity_narrow_t { }; /** + * Narrow the given received traffic selector with the child configuration and + * put them into the given list of TS + */ +static void narrow_ts(child_cfg_t *cfg, traffic_selector_t *ts, + linked_list_t *list) +{ + linked_list_t *received, *selected; + + received = linked_list_create(); + received->insert_last(received, ts); + selected = cfg->get_traffic_selectors(cfg, FALSE, received, NULL); + while (selected->remove_first(selected, (void**)&ts) == SUCCESS) + { + list->insert_last(list, ts); + } + selected->destroy(selected); + received->destroy(received); +} + +/** * Narrow TS as initiator to Unity Split-Include/Local-LAN */ static void narrow_initiator(private_unity_narrow_t *this, ike_sa_t *ike_sa, child_cfg_t *cfg, linked_list_t *remote) { traffic_selector_t *current, *orig = NULL; - linked_list_t *received, *selected; enumerator_t *enumerator; enumerator = this->handler->create_include_enumerator(this->handler, @@ -56,16 +75,7 @@ static void narrow_initiator(private_unity_narrow_t *this, ike_sa_t *ike_sa, break; } } - /* narrow received Unity TS with the child configuration */ - received = linked_list_create(); - received->insert_last(received, current); - selected = cfg->get_traffic_selectors(cfg, FALSE, received, NULL); - while (selected->remove_first(selected, (void**)¤t) == SUCCESS) - { - remote->insert_last(remote, current); - } - selected->destroy(selected); - received->destroy(received); + narrow_ts(cfg, current, remote); } enumerator->destroy(enumerator); if (orig) @@ -75,6 +85,15 @@ static void narrow_initiator(private_unity_narrow_t *this, ike_sa_t *ike_sa, UNITY_SPLIT_INCLUDE, remote); orig->destroy(orig); } + else + { /* since we originally changed the traffic selector to 0.0.0.0/0 local + * narrowing is not applied if no Split-Include attrs are received */ + if (remote->remove_first(remote, (void**)&orig) == SUCCESS) + { + narrow_ts(cfg, orig, remote); + orig->destroy(orig); + } + } } /** @@ -93,6 +112,8 @@ static void narrow_initiator_pre(linked_list_t *list) "255.255.255.255", 65535); if (ts) { + DBG2(DBG_CFG, "changing proposed traffic selectors for other:"); + DBG2(DBG_CFG, " %R", ts); list->insert_last(list, ts); } } |