pluto: CAP_NET_RAW seems to be required on Android even to open regular sockets.
authorTobias Brunner <tobias@strongswan.org>
Tue, 18 Oct 2011 09:52:43 +0000 (11:52 +0200)
committerTobias Brunner <tobias@strongswan.org>
Tue, 18 Oct 2011 09:52:43 +0000 (11:52 +0200)
src/pluto/plutomain.c
src/pluto/server.c

index 6366b29..db5f2d9 100644 (file)
@@ -294,7 +294,13 @@ int main(int argc, char **argv)
        bool force_keepalive = FALSE;
        char *virtual_private = NULL;
 #ifdef CAPABILITIES
-       int keep[] = { CAP_NET_ADMIN, CAP_NET_BIND_SERVICE };
+       int keep[] = {
+                       CAP_NET_ADMIN,
+                       CAP_NET_BIND_SERVICE,
+#ifdef ANDROID
+                       CAP_NET_RAW,
+#endif
+       };
 #endif /* CAPABILITIES */
 
        /* initialize library and optionsfrom */
index 2d60804..167b1d4 100644 (file)
@@ -229,7 +229,7 @@ find_raw_ifaces4(void)
        struct ifconf ifconf;
        struct ifreq buf[300];      /* for list of interfaces -- arbitrary limit */
        struct raw_iface *rifaces = NULL;
-       int master_sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);    /* Get a UDP socket */
+       int master_sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);    /* Get a UDP socket */
 
        /* get list of interfaces with assigned IPv4 addresses from system */