ignore IPCOMP acquires, fixes additional CHILD_SA setup with acquired SAs using compr...
authorMartin Willi <martin@strongswan.org>
Thu, 17 Jul 2008 08:25:34 +0000 (08:25 -0000)
committerMartin Willi <martin@strongswan.org>
Thu, 17 Jul 2008 08:25:34 +0000 (08:25 -0000)
src/charon/kernel/kernel_interface.c

index c5fba52..c403fb8 100644 (file)
@@ -547,6 +547,7 @@ static void add_attribute(struct nlmsghdr *hdr, int rta_type, chunk_t data,
 static void process_acquire(private_kernel_interface_t *this, struct nlmsghdr *hdr)
 {
        u_int32_t reqid = 0;
+       int proto = 0;
        job_t *job;
        struct rtattr *rtattr = XFRM_RTA(hdr, struct xfrm_user_acquire);
        size_t rtsize = XFRM_PAYLOAD(hdr, struct xfrm_user_tmpl);
@@ -557,8 +558,19 @@ static void process_acquire(private_kernel_interface_t *this, struct nlmsghdr *h
                {
                        struct xfrm_user_tmpl* tmpl = (struct xfrm_user_tmpl*)RTA_DATA(rtattr);
                        reqid = tmpl->reqid;
+                       proto = tmpl->id.proto;
                }
        }
+       switch (proto)
+       {
+               case 0:
+               case IPPROTO_ESP:
+               case IPPROTO_AH:
+                       break;
+               default:
+                       /* acquire for AH/ESP only, not for IPCOMP */
+                       return;
+       }
        if (reqid == 0)
        {
                DBG1(DBG_KNL, "received a XFRM_MSG_ACQUIRE, but no reqid found");