diff options
Diffstat (limited to 'src/libipsec')
| -rw-r--r-- | src/libipsec/Makefile.in | 2 | ||||
| -rw-r--r-- | src/libipsec/ipsec_policy_mgr.c | 11 | ||||
| -rw-r--r-- | src/libipsec/ipsec_policy_mgr.h | 11 | ||||
| -rw-r--r-- | src/libipsec/tests/Makefile.in | 2 |
4 files changed, 17 insertions, 9 deletions
diff --git a/src/libipsec/Makefile.in b/src/libipsec/Makefile.in index aa793441b..a08d8c51f 100644 --- a/src/libipsec/Makefile.in +++ b/src/libipsec/Makefile.in @@ -453,6 +453,8 @@ strongswan_conf = @strongswan_conf@ strongswan_options = @strongswan_options@ swanctldir = @swanctldir@ sysconfdir = @sysconfdir@ +systemd_CFLAGS = @systemd_CFLAGS@ +systemd_LIBS = @systemd_LIBS@ systemd_daemon_CFLAGS = @systemd_daemon_CFLAGS@ systemd_daemon_LIBS = @systemd_daemon_LIBS@ systemd_journal_CFLAGS = @systemd_journal_CFLAGS@ diff --git a/src/libipsec/ipsec_policy_mgr.c b/src/libipsec/ipsec_policy_mgr.c index e2eaba014..3f312ffd2 100644 --- a/src/libipsec/ipsec_policy_mgr.c +++ b/src/libipsec/ipsec_policy_mgr.c @@ -175,15 +175,16 @@ METHOD(ipsec_policy_mgr_t, add_policy, status_t, } METHOD(ipsec_policy_mgr_t, del_policy, status_t, - private_ipsec_policy_mgr_t *this, traffic_selector_t *src_ts, - traffic_selector_t *dst_ts, policy_dir_t direction, u_int32_t reqid, - mark_t mark, policy_priority_t policy_priority) + private_ipsec_policy_mgr_t *this, host_t *src, host_t *dst, + traffic_selector_t *src_ts, traffic_selector_t *dst_ts, + policy_dir_t direction, policy_type_t type, ipsec_sa_cfg_t *sa, mark_t mark, + policy_priority_t policy_priority) { enumerator_t *enumerator; ipsec_policy_entry_t *current, *found = NULL; u_int32_t priority; - if (direction == POLICY_FWD) + if (type != POLICY_IPSEC || direction == POLICY_FWD) { /* we ignore these policies as we currently have no use for them */ return SUCCESS; } @@ -198,7 +199,7 @@ METHOD(ipsec_policy_mgr_t, del_policy, status_t, { if (current->priority == priority && current->policy->match(current->policy, src_ts, dst_ts, direction, - reqid, mark, policy_priority)) + sa->reqid, mark, policy_priority)) { this->policies->remove_at(this->policies, enumerator); found = current; diff --git a/src/libipsec/ipsec_policy_mgr.h b/src/libipsec/ipsec_policy_mgr.h index 30406bdb7..0ea797e7a 100644 --- a/src/libipsec/ipsec_policy_mgr.h +++ b/src/libipsec/ipsec_policy_mgr.h @@ -71,18 +71,21 @@ struct ipsec_policy_mgr_t { /** * Remove a policy * + * @param src source address of SA + * @param dst dest address of SA * @param src_ts traffic selector to match traffic source * @param dst_ts traffic selector to match traffic dest * @param direction direction of traffic, POLICY_(IN|OUT|FWD) - * @param reqid unique ID of the associated SA + * @param type type of policy, POLICY_(IPSEC|PASS|DROP) + * @param sa details about the SA(s) tied to this policy * @param mark optional mark * @param priority priority of the policy * @return SUCCESS if operation completed */ status_t (*del_policy)(ipsec_policy_mgr_t *this, - traffic_selector_t *src_ts, - traffic_selector_t *dst_ts, - policy_dir_t direction, u_int32_t reqid, mark_t mark, + host_t *src, host_t *dst, traffic_selector_t *src_ts, + traffic_selector_t *dst_ts, policy_dir_t direction, + policy_type_t type, ipsec_sa_cfg_t *sa, mark_t mark, policy_priority_t priority); /** diff --git a/src/libipsec/tests/Makefile.in b/src/libipsec/tests/Makefile.in index 9a9bb3142..ebf6e7e93 100644 --- a/src/libipsec/tests/Makefile.in +++ b/src/libipsec/tests/Makefile.in @@ -409,6 +409,8 @@ strongswan_conf = @strongswan_conf@ strongswan_options = @strongswan_options@ swanctldir = @swanctldir@ sysconfdir = @sysconfdir@ +systemd_CFLAGS = @systemd_CFLAGS@ +systemd_LIBS = @systemd_LIBS@ systemd_daemon_CFLAGS = @systemd_daemon_CFLAGS@ systemd_daemon_LIBS = @systemd_daemon_LIBS@ systemd_journal_CFLAGS = @systemd_journal_CFLAGS@ |