set XFRM_STATE_AF_UNSPEC flag

author Andreas Steffen <andreas.steffen@strongswan.org>

Tue, 22 Sep 2009 18:00:49 +0000 (20:00 +0200)

committer Andreas Steffen <andreas.steffen@strongswan.org>

Tue, 22 Sep 2009 18:55:10 +0000 (20:55 +0200)
author Andreas Steffen <andreas.steffen@strongswan.org>
Tue, 22 Sep 2009 18:00:49 +0000 (20:00 +0200)
committer Andreas Steffen <andreas.steffen@strongswan.org>
Tue, 22 Sep 2009 18:55:10 +0000 (20:55 +0200)
diff --git a/src/pluto/kernel_netlink.c b/src/pluto/kernel_netlink.c

index 3622703180ce0f357522363bb086839401fcee42..a0db5e69ca88aa86f82065b0238a1415a52b7d3d 100644 (file)
--- a/src/pluto/kernel_netlink.c
+++ b/src/pluto/kernel_netlink.c
@@ -40,6 +40,11 @@
  #include "whack.h"      /* for RC_LOG_SERIOUS */
  #include "kernel_alg.h"
  
+/** required for Linux 2.6.26 kernel and later */
+#ifndef XFRM_STATE_AF_UNSPEC
+#define XFRM_STATE_AF_UNSPEC   32
+#endif
+
  /* Minimum priority number in SPD used by pluto. */
  #define MIN_SPD_PRIORITY 1024
  
@@ -602,7 +607,15 @@ static bool netlink_add_sa(const struct kernel_sa *sa, bool replace)
         req.p.id.spi = sa->spi;
         req.p.id.proto = satype2proto(sa->satype);
         req.p.family = sa->src->u.v4.sin_family;
-       req.p.mode = (sa->encapsulation == ENCAPSULATION_MODE_TUNNEL);
+       if (sa->encapsulation == ENCAPSULATION_MODE_TUNNEL)
+       {
+               req.p.mode = XFRM_MODE_TUNNEL;
+               req.p.flags |= XFRM_STATE_AF_UNSPEC;
+       }
+       else
+       {
+               req.p.mode = XFRM_MODE_TRANSPORT;
+       }
         req.p.replay_window = sa->replay_window;
         req.p.reqid = sa->reqid;
         req.p.lft.soft_byte_limit = XFRM_INF;
author	Andreas Steffen <andreas.steffen@strongswan.org>
	Tue, 22 Sep 2009 18:00:49 +0000 (20:00 +0200)
committer	Andreas Steffen <andreas.steffen@strongswan.org>
	Tue, 22 Sep 2009 18:55:10 +0000 (20:55 +0200)