From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Tue, 22 Sep 2009 18:00:49 +0000 (+0200)
Subject: set XFRM_STATE_AF_UNSPEC flag
X-Git-Tag: 4.3.5rc1~115
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b88bbe8aa1284c98e2f234b0cc991ff5775680da;p=thirdparty%2Fstrongswan.git

set XFRM_STATE_AF_UNSPEC flag
---

diff --git a/src/pluto/kernel_netlink.c b/src/pluto/kernel_netlink.c
index 3622703180..a0db5e69ca 100644
--- a/src/pluto/kernel_netlink.c
+++ b/src/pluto/kernel_netlink.c
@@ -40,6 +40,11 @@
 #include "whack.h"      /* for RC_LOG_SERIOUS */
 #include "kernel_alg.h"
 
+/** required for Linux 2.6.26 kernel and later */
+#ifndef XFRM_STATE_AF_UNSPEC
+#define XFRM_STATE_AF_UNSPEC	32
+#endif
+
 /* Minimum priority number in SPD used by pluto. */
 #define MIN_SPD_PRIORITY 1024
 
@@ -602,7 +607,15 @@ static bool netlink_add_sa(const struct kernel_sa *sa, bool replace)
 	req.p.id.spi = sa->spi;
 	req.p.id.proto = satype2proto(sa->satype);
 	req.p.family = sa->src->u.v4.sin_family;
-	req.p.mode = (sa->encapsulation == ENCAPSULATION_MODE_TUNNEL);
+	if (sa->encapsulation == ENCAPSULATION_MODE_TUNNEL)
+	{
+		req.p.mode = XFRM_MODE_TUNNEL;
+		req.p.flags |= XFRM_STATE_AF_UNSPEC;
+	}
+	else
+	{
+		req.p.mode = XFRM_MODE_TRANSPORT;
+	}
 	req.p.replay_window = sa->replay_window;
 	req.p.reqid = sa->reqid;
 	req.p.lft.soft_byte_limit = XFRM_INF;