From: Tobias Brunner <tobias@strongswan.org>
Date: Mon, 10 Jan 2022 15:35:38 +0000 (+0100)
Subject: traffic-selector: Add TS_SECLABEL type
X-Git-Tag: 5.9.6rc1~3^2~32
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d71d181d28218299c51486906beecf87ec44e88a;p=thirdparty%2Fstrongswan.git

traffic-selector: Add TS_SECLABEL type
---

diff --git a/src/charon-cmd/cmd/cmd_connection.c b/src/charon-cmd/cmd/cmd_connection.c
index 0481d78d42..37d9519511 100644
--- a/src/charon-cmd/cmd/cmd_connection.c
+++ b/src/charon-cmd/cmd/cmd_connection.c
@@ -388,6 +388,8 @@ static child_cfg_t* create_child_cfg(private_cmd_connection_t *this,
 			case TS_IPV6_ADDR_RANGE:
 				has_v6 = TRUE;
 				break;
+			default:
+				continue;
 		}
 		child_cfg->add_traffic_selector(child_cfg, FALSE, ts);
 	}
diff --git a/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c b/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c
index 36f5a97fc6..650e046208 100644
--- a/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c
+++ b/src/libcharon/plugins/kernel_wfp/kernel_wfp_ipsec.c
@@ -820,6 +820,8 @@ static bool install_sps(private_kernel_wfp_ipsec_t *this,
 			case TS_IPV6_ADDR_RANGE:
 				has_v6 = TRUE;
 				break;
+			default:
+				continue;
 		}
 
 		/* inbound policy */
diff --git a/src/libstrongswan/selectors/traffic_selector.c b/src/libstrongswan/selectors/traffic_selector.c
index 2735a5cc16..2e69e5ad89 100644
--- a/src/libstrongswan/selectors/traffic_selector.c
+++ b/src/libstrongswan/selectors/traffic_selector.c
@@ -31,10 +31,12 @@
 
 #define NON_SUBNET_ADDRESS_RANGE	255
 
-ENUM(ts_type_name, TS_IPV4_ADDR_RANGE, TS_IPV6_ADDR_RANGE,
+ENUM_BEGIN(ts_type_name, TS_IPV4_ADDR_RANGE, TS_IPV6_ADDR_RANGE,
 	"TS_IPV4_ADDR_RANGE",
-	"TS_IPV6_ADDR_RANGE",
-);
+	"TS_IPV6_ADDR_RANGE");
+ENUM_NEXT(ts_type_name, TS_SECLABEL, TS_SECLABEL, TS_IPV6_ADDR_RANGE,
+	"TS_SECLABEL");
+ENUM_END(ts_type_name, TS_SECLABEL);
 
 typedef struct private_traffic_selector_t private_traffic_selector_t;
 
diff --git a/src/libstrongswan/selectors/traffic_selector.h b/src/libstrongswan/selectors/traffic_selector.h
index 03f7a6d8c6..a13aca106a 100644
--- a/src/libstrongswan/selectors/traffic_selector.h
+++ b/src/libstrongswan/selectors/traffic_selector.h
@@ -50,7 +50,12 @@ enum ts_type_t {
 	 * (inclusive). All addresses falling between the two specified
 	 *  addresses are considered to be within the list.
 	 */
-	TS_IPV6_ADDR_RANGE = 8
+	TS_IPV6_ADDR_RANGE = 8,
+
+	/**
+	 * A security label.
+	 */
+	TS_SECLABEL = 10,
 };
 
 /**