]> git.ipfire.org Git - thirdparty/strongswan.git/commitdiff
projects / thirdparty / strongswan.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ebb9948)
traffic-selector: Add TS_SECLABEL type
authorTobias Brunner <tobias@strongswan.org>
Mon, 10 Jan 2022 15:35:38 +0000 (16:35 +0100)
committerTobias Brunner <tobias@strongswan.org>
Thu, 14 Apr 2022 16:42:01 +0000 (18:42 +0200)
src/charon-cmd/cmd/cmd_connection.c patch | blob | blame | history
src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c patch | blob | blame | history
src/libstrongswan/selectors/traffic_selector.c patch | blob | blame | history
src/libstrongswan/selectors/traffic_selector.h patch | blob | blame | history

diff --git a/src/charon-cmd/cmd/cmd_connection.c b/src/charon-cmd/cmd/cmd_connection.c
index 0481d78d42c95c7344baf2625471873f30c696bc..37d95195115c4350729f7d07cc38431e938207f7 100644 (file)
--- a/src/charon-cmd/cmd/cmd_connection.c
+++ b/src/charon-cmd/cmd/cmd_connection.c
@@ -388,6 +388,8 @@ static child_cfg_t* create_child_cfg(private_cmd_connection_t *this,
                        case TS_IPV6_ADDR_RANGE:
                                has_v6 = TRUE;
                                break;
+                       default:
+                               continue;
                }
                child_cfg->add_traffic_selector(child_cfg, FALSE, ts);
        }
diff --git a/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c b/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c
index 36f5a97fc6136688755b8d22b8252434e8f929a9..650e046208c32b8307ae255d7e9e6f99d9148737 100644 (file)
--- a/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c
+++ b/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c
@@ -820,6 +820,8 @@ static bool install_sps(private_kernel_wfp_ipsec_t *this,
                        case TS_IPV6_ADDR_RANGE:
                                has_v6 = TRUE;
                                break;
+                       default:
+                               continue;
                }
 
                /* inbound policy */
diff --git a/src/libstrongswan/selectors/traffic_selector.c b/src/libstrongswan/selectors/traffic_selector.c
index 2735a5cc16c3d4fae8d99ea014d3097662f759cc..2e69e5ad89041f8152657c3d79528b16844ac068 100644 (file)
--- a/src/libstrongswan/selectors/traffic_selector.c
+++ b/src/libstrongswan/selectors/traffic_selector.c
@@ -31,10 +31,12 @@
 
 #define NON_SUBNET_ADDRESS_RANGE       255
 
-ENUM(ts_type_name, TS_IPV4_ADDR_RANGE, TS_IPV6_ADDR_RANGE,
+ENUM_BEGIN(ts_type_name, TS_IPV4_ADDR_RANGE, TS_IPV6_ADDR_RANGE,
        "TS_IPV4_ADDR_RANGE",
-       "TS_IPV6_ADDR_RANGE",
-);
+       "TS_IPV6_ADDR_RANGE");
+ENUM_NEXT(ts_type_name, TS_SECLABEL, TS_SECLABEL, TS_IPV6_ADDR_RANGE,
+       "TS_SECLABEL");
+ENUM_END(ts_type_name, TS_SECLABEL);
 
 typedef struct private_traffic_selector_t private_traffic_selector_t;
 
diff --git a/src/libstrongswan/selectors/traffic_selector.h b/src/libstrongswan/selectors/traffic_selector.h
index 03f7a6d8c61e28df75cb2f2da7439e61c97aaf39..a13aca106aa1549dee0751b9bfd26379337ea826 100644 (file)
--- a/src/libstrongswan/selectors/traffic_selector.h
+++ b/src/libstrongswan/selectors/traffic_selector.h
@@ -50,7 +50,12 @@ enum ts_type_t {
         * (inclusive). All addresses falling between the two specified
         *  addresses are considered to be within the list.
         */
-       TS_IPV6_ADDR_RANGE = 8
+       TS_IPV6_ADDR_RANGE = 8,
+
+       /**
+        * A security label.
+        */
+       TS_SECLABEL = 10,
 };
 
 /**
Unnamed repository; edit this file 'description' to name the repository.