diff options
Diffstat (limited to 'src/charon/sa/child_sa.c')
| -rw-r--r-- | src/charon/sa/child_sa.c | 50 |
1 files changed, 34 insertions, 16 deletions
diff --git a/src/charon/sa/child_sa.c b/src/charon/sa/child_sa.c index 2a6b6f67c..7c4b398cf 100644 --- a/src/charon/sa/child_sa.c +++ b/src/charon/sa/child_sa.c @@ -15,7 +15,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * $Id: child_sa.c 3920 2008-05-08 16:19:11Z tobias $ + * $Id: child_sa.c 4358 2008-09-25 13:56:23Z tobias $ */ #define _GNU_SOURCE @@ -163,7 +163,7 @@ struct private_child_sa_t { /** * mode this SA uses, tunnel/transport */ - mode_t mode; + ipsec_mode_t mode; /** * virtual IP assinged to local host @@ -210,6 +210,18 @@ u_int32_t get_spi(private_child_sa_t *this, bool inbound) } /** + * Implements child_sa_t.get_cpi + */ +u_int16_t get_cpi(private_child_sa_t *this, bool inbound) +{ + if (inbound) + { + return this->me.cpi; + } + return this->other.cpi; +} + +/** * Implements child_sa_t.get_protocol */ protocol_id_t get_protocol(private_child_sa_t *this) @@ -236,7 +248,7 @@ static child_cfg_t* get_config(private_child_sa_t *this) /** * Implementation of child_sa_t.get_stats. */ -static void get_stats(private_child_sa_t *this, mode_t *mode, +static void get_stats(private_child_sa_t *this, ipsec_mode_t *mode, encryption_algorithm_t *encr_algo, size_t *encr_len, integrity_algorithm_t *int_algo, size_t *int_len, u_int32_t *rekey, u_int32_t *use_in, u_int32_t *use_out, @@ -514,7 +526,7 @@ static status_t alloc(private_child_sa_t *this, linked_list_t *proposals) } static status_t install(private_child_sa_t *this, proposal_t *proposal, - mode_t mode, prf_plus_t *prf_plus, bool mine) + ipsec_mode_t mode, prf_plus_t *prf_plus, bool mine) { u_int32_t spi, soft, hard; host_t *src; @@ -605,7 +617,7 @@ static status_t install(private_child_sa_t *this, proposal_t *proposal, } static status_t add(private_child_sa_t *this, proposal_t *proposal, - mode_t mode, prf_plus_t *prf_plus) + ipsec_mode_t mode, prf_plus_t *prf_plus) { u_int32_t outbound_spi, inbound_spi; @@ -637,7 +649,7 @@ static status_t add(private_child_sa_t *this, proposal_t *proposal, } static status_t update(private_child_sa_t *this, proposal_t *proposal, - mode_t mode, prf_plus_t *prf_plus) + ipsec_mode_t mode, prf_plus_t *prf_plus) { u_int32_t inbound_spi; @@ -662,14 +674,19 @@ static status_t update(private_child_sa_t *this, proposal_t *proposal, } static status_t add_policies(private_child_sa_t *this, - linked_list_t *my_ts_list, - linked_list_t *other_ts_list, mode_t mode) + linked_list_t *my_ts_list, linked_list_t *other_ts_list, + ipsec_mode_t mode, protocol_id_t proto) { iterator_t *my_iter, *other_iter; traffic_selector_t *my_ts, *other_ts; /* use low prio for ROUTED policies */ bool high_prio = (this->state != CHILD_CREATED); + if (this->protocol == PROTO_NONE) + { /* update if not set yet */ + this->protocol = proto; + } + /* iterate over both lists */ my_iter = my_ts_list->create_iterator(my_ts_list, TRUE); other_iter = other_ts_list->create_iterator(other_ts_list, TRUE); @@ -919,9 +936,9 @@ static void activate_ipcomp(private_child_sa_t *this, ipcomp_transform_t ipcomp, } /** - * Implementation of child_sa_t.get_my_cpi. + * Implementation of child_sa_t.allocate_cpi. */ -static u_int16_t get_my_cpi(private_child_sa_t *this) +static u_int16_t allocate_cpi(private_child_sa_t *this) { if (!this->cpi_allocated) { @@ -968,7 +985,7 @@ static void destroy(private_child_sa_t *this) if (this->me.cpi) { charon->kernel_interface->del_sa(charon->kernel_interface, - this->other.addr, htonl(ntohs(this->me.cpi)), IPPROTO_COMP); + this->me.addr, htonl(ntohs(this->me.cpi)), IPPROTO_COMP); } if (this->other.cpi) { @@ -1023,20 +1040,21 @@ child_sa_t * child_sa_create(host_t *me, host_t* other, this->public.get_name = (char*(*)(child_sa_t*))get_name; this->public.get_reqid = (u_int32_t(*)(child_sa_t*))get_reqid; this->public.get_spi = (u_int32_t(*)(child_sa_t*, bool))get_spi; + this->public.get_cpi = (u_int16_t(*)(child_sa_t*, bool))get_cpi; this->public.get_protocol = (protocol_id_t(*)(child_sa_t*))get_protocol; - this->public.get_stats = (void(*)(child_sa_t*, mode_t*,encryption_algorithm_t*,size_t*,integrity_algorithm_t*,size_t*,u_int32_t*,u_int32_t*,u_int32_t*,u_int32_t*))get_stats; + this->public.get_stats = (void(*)(child_sa_t*, ipsec_mode_t*,encryption_algorithm_t*,size_t*,integrity_algorithm_t*,size_t*,u_int32_t*,u_int32_t*,u_int32_t*,u_int32_t*))get_stats; this->public.alloc = (status_t(*)(child_sa_t*,linked_list_t*))alloc; - this->public.add = (status_t(*)(child_sa_t*,proposal_t*,mode_t,prf_plus_t*))add; - this->public.update = (status_t(*)(child_sa_t*,proposal_t*,mode_t,prf_plus_t*))update; + this->public.add = (status_t(*)(child_sa_t*,proposal_t*,ipsec_mode_t,prf_plus_t*))add; + this->public.update = (status_t(*)(child_sa_t*,proposal_t*,ipsec_mode_t,prf_plus_t*))update; this->public.update_hosts = (status_t (*)(child_sa_t*,host_t*,host_t*,bool))update_hosts; - this->public.add_policies = (status_t (*)(child_sa_t*, linked_list_t*,linked_list_t*,mode_t))add_policies; + this->public.add_policies = (status_t (*)(child_sa_t*, linked_list_t*,linked_list_t*,ipsec_mode_t,protocol_id_t))add_policies; this->public.get_traffic_selectors = (linked_list_t*(*)(child_sa_t*,bool))get_traffic_selectors; this->public.get_use_time = (status_t (*)(child_sa_t*,bool,time_t*))get_use_time; this->public.set_state = (void(*)(child_sa_t*,child_sa_state_t))set_state; this->public.get_state = (child_sa_state_t(*)(child_sa_t*))get_state; this->public.get_config = (child_cfg_t*(*)(child_sa_t*))get_config; this->public.activate_ipcomp = (void(*)(child_sa_t*,ipcomp_transform_t,u_int16_t))activate_ipcomp; - this->public.get_my_cpi = (u_int16_t(*)(child_sa_t*))get_my_cpi; + this->public.allocate_cpi = (u_int16_t(*)(child_sa_t*))allocate_cpi; this->public.set_virtual_ip = (void(*)(child_sa_t*,host_t*))set_virtual_ip; this->public.destroy = (void(*)(child_sa_t*))destroy; |