From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 21 Dec 2021 10:22:36 +0000 (+0100)
Subject: kernel-interface: Optionally pass security label with an acquire
X-Git-Tag: 5.9.6rc1~3^2~10
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=52a05d7f6c39c2a794d4ece6cd32d46f08a5bd6c;p=thirdparty%2Fstrongswan.git

kernel-interface: Optionally pass security label with an acquire
---

diff --git a/src/libcharon/kernel/kernel_listener.h b/src/libcharon/kernel/kernel_listener.h
index 6534921c24..226b32f1ea 100644
--- a/src/libcharon/kernel/kernel_listener.h
+++ b/src/libcharon/kernel/kernel_listener.h
@@ -37,6 +37,8 @@ struct kernel_acquire_data_t {
 	traffic_selector_t *src;
 	/** Optional destination of the triggering packet */
 	traffic_selector_t *dst;
+	/** Optional security label of the triggering packet */
+	sec_label_t *label;
 };
 
 /**
diff --git a/src/libcharon/processing/jobs/acquire_job.c b/src/libcharon/processing/jobs/acquire_job.c
index 0f06fcfcd4..5142bb297e 100644
--- a/src/libcharon/processing/jobs/acquire_job.c
+++ b/src/libcharon/processing/jobs/acquire_job.c
@@ -45,6 +45,7 @@ METHOD(job_t, destroy, void,
 {
 	DESTROY_IF(this->data.src);
 	DESTROY_IF(this->data.dst);
+	DESTROY_IF(this->data.label);
 	free(this);
 }
 
@@ -88,7 +89,10 @@ acquire_job_t *acquire_job_create(uint32_t reqid, kernel_acquire_data_t *data)
 	{
 		this->data.dst = this->data.dst->clone(this->data.dst);
 	}
+	if (this->data.label)
+	{
+		this->data.label = this->data.label->clone(this->data.label);
+	}
 
 	return &this->public;
 }
-