diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2013-08-25 15:37:26 +0200 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2013-08-25 15:37:26 +0200 |
| commit | 6b99c8d9cff7b3e8ae8f3204b99e7ea40f791349 (patch) | |
| tree | 009fc492961e13860d2a4bc2de8caf2bbe2975e7 /src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c | |
| parent | c83921a2b566aa9d55d8ccc7258f04fca6292ee6 (diff) | |
| download | vyos-strongswan-6b99c8d9cff7b3e8ae8f3204b99e7ea40f791349.tar.gz vyos-strongswan-6b99c8d9cff7b3e8ae8f3204b99e7ea40f791349.zip | |
Imported Upstream version 5.1.0
Diffstat (limited to 'src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c')
| -rw-r--r-- | src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c b/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c index a120b3d00..82f80fd4c 100644 --- a/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c +++ b/src/libhydra/plugins/kernel_klips/kernel_klips_ipsec.c @@ -78,7 +78,7 @@ /** this is the default number of ipsec devices */ #define DEFAULT_IPSEC_DEV_COUNT 4 /** TRUE if the given name matches an ipsec device */ -#define IS_IPSEC_DEV(name) (strneq((name), IPSEC_DEV_PREFIX, sizeof(IPSEC_DEV_PREFIX) - 1)) +#define IS_IPSEC_DEV(name) (strpfx((name), IPSEC_DEV_PREFIX)) /** the following stuff is from ipsec_tunnel.h */ struct ipsectunnelconf @@ -1682,8 +1682,8 @@ METHOD(kernel_ipsec_t, add_sa, status_t, u_int8_t protocol, u_int32_t reqid, mark_t mark, u_int32_t tfc, lifetime_cfg_t *lifetime, u_int16_t enc_alg, chunk_t enc_key, u_int16_t int_alg, chunk_t int_key, ipsec_mode_t mode, - u_int16_t ipcomp, u_int16_t cpi, bool encap, bool esn, bool inbound, - traffic_selector_t *src_ts, traffic_selector_t *dst_ts) + u_int16_t ipcomp, u_int16_t cpi, bool initiator, bool encap, bool esn, + bool inbound, traffic_selector_t *src_ts, traffic_selector_t *dst_ts) { unsigned char request[PFKEY_BUFFER_SIZE]; struct sadb_msg *msg, *out; @@ -1911,7 +1911,7 @@ METHOD(kernel_ipsec_t, update_sa, status_t, METHOD(kernel_ipsec_t, query_sa, status_t, private_kernel_klips_ipsec_t *this, host_t *src, host_t *dst, u_int32_t spi, u_int8_t protocol, mark_t mark, - u_int64_t *bytes, u_int64_t *packets) + u_int64_t *bytes, u_int64_t *packets, u_int32_t *time) { return NOT_SUPPORTED; /* TODO */ } @@ -2022,7 +2022,7 @@ METHOD(kernel_ipsec_t, add_policy, status_t, else { /* apply the new one, if we have no such policy */ - this->policies->insert_last(this->policies, policy); + this->policies->insert_first(this->policies, policy); } if (priority == POLICY_PRIORITY_ROUTED) @@ -2088,7 +2088,8 @@ METHOD(kernel_ipsec_t, add_policy, status_t, this->mutex->lock(this->mutex); /* we try to find the policy again and install the route if needed */ - if (this->policies->find_last(this->policies, NULL, (void**)&policy) != SUCCESS) + if (this->policies->find_first(this->policies, NULL, + (void**)&policy) != SUCCESS) { this->mutex->unlock(this->mutex); DBG2(DBG_KNL, "the policy %R === %R %N is already gone, ignoring", @@ -2118,7 +2119,7 @@ METHOD(kernel_ipsec_t, add_policy, status_t, this->install_routes) { hydra->kernel_interface->get_address_by_ts(hydra->kernel_interface, - src_ts, &route->src_ip); + src_ts, &route->src_ip, NULL); } if (!route->src_ip) @@ -2332,7 +2333,7 @@ METHOD(kernel_ipsec_t, query_policy, status_t, while (fgets(line, sizeof(line), file)) { - if (strneq(line, said, strlen(said))) + if (strpfx(line, said)) { /* fine we found the correct line, now find the idle time */ u_int32_t idle_time; |