cleaner error handling on UDP encapsultion sockopt failure
[strongswan.git] / src / charon / network / socket.c
index dc5aff8..eb61c83 100644 (file)
 #define IP_IPSEC_POLICY 16
 #endif /*IP_IPSEC_POLICY*/
 
+/* from linux/udp.h */
+#ifndef UDP_ENCAP
+#define UDP_ENCAP 100
+#endif /*UDP_ENCAP*/
+
+#ifndef UDP_ENCAP_ESPINUDP
+#define UDP_ENCAP_ESPINUDP 2
+#endif /*UDP_ENCAP_ESPINUDP*/
+
 typedef struct private_socket_t private_socket_t;
 
 /**
@@ -381,6 +390,16 @@ static status_t initialize(private_socket_t *this)
                this->logger->log(this->logger, ERROR, "unable to setup send socket on port %d!", this->natt_port);
                return FAILED;
        }
+       else
+       {
+               int type = UDP_ENCAP_ESPINUDP;
+               if (setsockopt(this->natt_fd, SOL_UDP, UDP_ENCAP, &type, sizeof(type)) < 0)
+               {
+                       this->logger->log(this->logger, ERROR, 
+                                                         "unable to set UDP_ENCAP on natt send socket! NAT-T may fail! error: %s",
+                                                         strerror(errno)); 
+               }
+       }
 
        return SUCCESS;
 }