char buffer[MAX_PACKET];
chunk_t data;
packet_t *pkt;
- struct iphdr *ip;
struct udphdr *udp;
host_t *source = NULL, *dest = NULL;
int bytes_read = 0;
{
/* IPv4 raw sockets return the IP header. We read src/dest
* information directly from the raw header */
+ struct iphdr *ip;
struct sockaddr_in src, dst;
+
bytes_read = recv(this->recv4, buffer, MAX_PACKET, 0);
if (bytes_read < 0)
{
}
else if (FD_ISSET(this->recv6, &rfds))
{
- /* IPv6 raw sockets return the no IP header. We must query
+ /* IPv6 raw sockets return no IP header. We must query
* src/dest via socket options/ancillary data */
struct msghdr msg;
struct cmsghdr *cmsgptr;
break;
case AF_INET6:
proto_offset = IP6_PROTO_OFFSET;
- ip_len = IP6_LEN;
+ ip_len = 0; /* IPv6 raw sockets contain no IP header */
ip_proto = IPPROTO_IPV6;
ip_pktinfo = IPV6_PKTINFO;
ipsec_policy = IPV6_IPSEC_POLICY;
*/
struct sock_filter ikev2_filter_code[] =
{
- /* Protocol must be UDP */
- BPF_STMT(BPF_LD+BPF_B+BPF_ABS, proto_offset),
- BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, IPPROTO_UDP, 0, 15),
/* Destination Port must be either port or natt_port */
BPF_STMT(BPF_LD+BPF_H+BPF_ABS, udp_header + 2),
BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, this->port, 1, 0),
return 0;
}
- if (family == AF_INET)
+ if (setsockopt(skt, SOL_SOCKET, SO_ATTACH_FILTER,
+ &ikev2_filter, sizeof(ikev2_filter)) < 0)
{
- if (setsockopt(skt, SOL_SOCKET, SO_ATTACH_FILTER,
- &ikev2_filter, sizeof(ikev2_filter)) < 0)
- {
- this->logger->log(this->logger, ERROR,
- "unable to attach IKEv2 filter to raw socket: %s",
- strerror(errno));
- close(skt);
- return 0;
- }
+ this->logger->log(this->logger, ERROR,
+ "unable to attach IKEv2 filter to raw socket: %s",
+ strerror(errno));
+ close(skt);
+ return 0;
}
else if (setsockopt(skt, ip_proto, ip_pktinfo, &on, sizeof(on)) < 0)
}
}
- if (!(this->send4 || this->send6))
+ if (!(this->send4 || this->send6) || !(this->recv4 || this->recv6))
{
this->logger->log(this->logger, ERROR,
"could not create any sockets");
projects / strongswan.git / blobdiff