kernel-ipsec: Add flag to disable sending fragments across AGGFRAG payloads

author Tobias Brunner <tobias@strongswan.org>

Thu, 15 May 2025 07:20:52 +0000 (09:20 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Wed, 28 May 2025 14:37:46 +0000 (16:37 +0200)
author Tobias Brunner <tobias@strongswan.org>
Thu, 15 May 2025 07:20:52 +0000 (09:20 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Wed, 28 May 2025 14:37:46 +0000 (16:37 +0200)
diff --git a/src/libcharon/kernel/kernel_ipsec.h b/src/libcharon/kernel/kernel_ipsec.h

index 6663d730b19e141b76b4a9b0340fcf329b203b14..3ef5811d9d7d83baec691a56ad10cfe2ee4f3bd1 100644 (file)
--- a/src/libcharon/kernel/kernel_ipsec.h
+++ b/src/libcharon/kernel/kernel_ipsec.h
@@ -113,6 +113,8 @@ struct kernel_ipsec_add_sa_t {
         bool copy_ecn;
         /** Whether to copy the DSCP header field to/from the outer header */
         dscp_copy_t copy_dscp;
+       /** TRUE if the peer doesn't support receiving fragments in AGGFRAG pkts */
+       bool iptfs_dont_frag;
         /** TRUE if initiator of the exchange creating the SA */
         bool initiator;
         /** TRUE if this is an inbound SA */
author	Tobias Brunner <tobias@strongswan.org>
	Thu, 15 May 2025 07:20:52 +0000 (09:20 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Wed, 28 May 2025 14:37:46 +0000 (16:37 +0200)