socket-win: Install IKE bypass policies using bypass_socket()
authorMartin Willi <martin@revosec.ch>
Thu, 19 Dec 2013 13:14:37 +0000 (14:14 +0100)
committerMartin Willi <martin@revosec.ch>
Wed, 4 Jun 2014 14:32:10 +0000 (16:32 +0200)
src/libcharon/plugins/socket_win/socket_win_plugin.c
src/libcharon/plugins/socket_win/socket_win_socket.c

index 4c5ffe0..a0ef085 100644 (file)
@@ -49,6 +49,7 @@ METHOD(plugin_t, get_features, int,
        static plugin_feature_t f[] = {
                PLUGIN_CALLBACK(socket_register, socket_win_socket_create),
                        PLUGIN_PROVIDE(CUSTOM, "socket"),
+                               PLUGIN_DEPENDS(CUSTOM, "kernel-ipsec"),
        };
        *features = f;
        return countof(f);
index 473b053..2cd951d 100644 (file)
@@ -19,6 +19,7 @@
 #include "socket_win_socket.h"
 
 #include <library.h>
+#include <hydra.h>
 #include <threading/thread.h>
 #include <daemon.h>
 
@@ -424,6 +425,16 @@ static SOCKET open_socket(private_socket_win_socket_t *this, int i)
                closesocket(s);
                return INVALID_SOCKET;
        }
+       if (!hydra->kernel_interface->bypass_socket(hydra->kernel_interface,
+                                                                                               s, AF_INET))
+       {
+               DBG1(DBG_NET, "installing IPv4 IKE bypass policy failed");
+       }
+       if (!hydra->kernel_interface->bypass_socket(hydra->kernel_interface,
+                                                                                               s, AF_INET6))
+       {
+               DBG1(DBG_NET, "installing IPv6 IKE bypass policy failed");
+       }
        return s;
 }