From: Tobias Brunner <tobias@strongswan.org>
Date: Mon, 17 Jun 2013 19:51:23 +0000 (+0200)
Subject: kernel-libipsec: Ignore failures when installing routes for multicast or broadcast... 
X-Git-Tag: 5.1.0dr1~80^2~4
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=23ea59a95cfa13686c78399029202167639fa307;p=thirdparty%2Fstrongswan.git

kernel-libipsec: Ignore failures when installing routes for multicast or broadcast policies
---

diff --git a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c
index e304d955d9..3740c76437 100644
--- a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c
+++ b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c
@@ -398,8 +398,30 @@ static bool install_route(private_kernel_libipsec_ipsec_t *this,
 	if (hydra->kernel_interface->get_address_by_ts(hydra->kernel_interface,
 									src_ts, &src_ip, &is_virtual) != SUCCESS)
 	{
+		traffic_selector_t *multicast, *broadcast = NULL;
+		bool ignore = FALSE;
+
 		this->mutex->unlock(this->mutex);
-		return FALSE;
+		switch (src_ts->get_type(src_ts))
+		{
+			case TS_IPV4_ADDR_RANGE:
+				multicast = traffic_selector_create_from_cidr("224.0.0.0/4",
+															  0, 0, 0xffff);
+				broadcast = traffic_selector_create_from_cidr("255.255.255.255/32",
+															  0, 0, 0xffff);
+				break;
+			case TS_IPV6_ADDR_RANGE:
+				multicast = traffic_selector_create_from_cidr("ff00::/8",
+															  0, 0, 0xffff);
+				break;
+			default:
+				return FALSE;
+		}
+		ignore = src_ts->is_contained_in(src_ts, multicast);
+		ignore |= broadcast && src_ts->is_contained_in(src_ts, broadcast);
+		multicast->destroy(multicast);
+		DESTROY_IF(broadcast);
+		return ignore;
 	}
 
 	INIT(route,