From: Martin Willi <martin@revosec.ch>
Date: Fri, 1 Mar 2013 10:30:13 +0000 (+0100)
Subject: Merge branch 'vip-shunts'
X-Git-Tag: 5.0.3dr3~40
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ec1b4e6638598b5c77684cd01ab4caeaf3e230a4;p=thirdparty%2Fstrongswan.git

Merge branch 'vip-shunts'

Installs bypass policies for the physical address if a virtual address is
assigned, and installs a proper source route to actually use the physical
address for bypassed destinations.

Conflicts:
	src/libcharon/plugins/unity/unity_handler.c
---

ec1b4e6638598b5c77684cd01ab4caeaf3e230a4
diff --cc src/libcharon/plugins/unity/unity_handler.c
index 39dd5f0963,30573c7ffb..9d145b93f9
--- a/src/libcharon/plugins/unity/unity_handler.c
+++ b/src/libcharon/plugins/unity/unity_handler.c
@@@ -187,13 -186,16 +186,18 @@@ static job_requeue_t add_exclude_async(
  									 FALSE, 0, 0, NULL, NULL, FALSE);
  		child_cfg->add_traffic_selector(child_cfg, FALSE,
  										entry->ts->clone(entry->ts));
+ 		host = ike_sa->get_my_host(ike_sa);
+ 		child_cfg->add_traffic_selector(child_cfg, TRUE,
 -				traffic_selector_create_from_subnet(host->clone(host), 32, 0, 0));
++				traffic_selector_create_from_subnet(host->clone(host),
++													32, 0, 0, 65535));
+ 		charon->ike_sa_manager->checkin(charon->ike_sa_manager, ike_sa);
+ 
  		enumerator = ike_sa->create_virtual_ip_enumerator(ike_sa, TRUE);
  		while (enumerator->enumerate(enumerator, &host))
  		{
- 			has_vip = TRUE;
  			child_cfg->add_traffic_selector(child_cfg, TRUE,
 -				traffic_selector_create_from_subnet(host->clone(host), 32, 0, 0));
 +				traffic_selector_create_from_subnet(host->clone(host),
 +													32, 0, 0, 65535));
  		}
  		enumerator->destroy(enumerator);