From: Adrian-Ken Rueegsegger Date: Tue, 9 Mar 2021 17:07:34 +0000 (+0100) Subject: ike: Set DCSP on keepalive packets X-Git-Tag: 5.9.3dr2~10 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9f468f454af05a25a9fc63672e60d267e7d96399;p=thirdparty%2Fstrongswan.git ike: Set DCSP on keepalive packets --- diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c index bf9966b15d..51a8442493 100644 --- a/src/libcharon/sa/ike_sa.c +++ b/src/libcharon/sa/ike_sa.c @@ -638,6 +638,29 @@ METHOD(ike_sa_t, get_message_id, uint32_t, return this->task_manager->get_mid(this->task_manager, initiate); } +/** + * Set configured DSCP value on packet + */ +static void set_dscp(private_ike_sa_t *this, packet_t *packet) +{ + ike_cfg_t *ike_cfg; + + /* prefer IKE config on peer_cfg, as its selection is more accurate + * then the initial IKE config */ + if (this->peer_cfg) + { + ike_cfg = this->peer_cfg->get_ike_cfg(this->peer_cfg); + } + else + { + ike_cfg = this->ike_cfg; + } + if (ike_cfg) + { + packet->set_dscp(packet, ike_cfg->get_dscp(ike_cfg)); + } +} + METHOD(ike_sa_t, send_keepalive, void, private_ike_sa_t *this, bool scheduled) { @@ -681,6 +704,7 @@ METHOD(ike_sa_t, send_keepalive, void, packet = packet_create(); packet->set_source(packet, this->my_host->clone(this->my_host)); packet->set_destination(packet, this->other_host->clone(this->other_host)); + set_dscp(this, packet); data.ptr = malloc(1); data.ptr[0] = 0xFF; data.len = 1; @@ -1204,29 +1228,6 @@ METHOD(ike_sa_t, update_hosts, void, } } -/** - * Set configured DSCP value on packet - */ -static void set_dscp(private_ike_sa_t *this, packet_t *packet) -{ - ike_cfg_t *ike_cfg; - - /* prefer IKE config on peer_cfg, as its selection is more accurate - * then the initial IKE config */ - if (this->peer_cfg) - { - ike_cfg = this->peer_cfg->get_ike_cfg(this->peer_cfg); - } - else - { - ike_cfg = this->ike_cfg; - } - if (ike_cfg) - { - packet->set_dscp(packet, ike_cfg->get_dscp(ike_cfg)); - } -} - METHOD(ike_sa_t, generate_message, status_t, private_ike_sa_t *this, message_t *message, packet_t **packet) {