[strongSwan-dev] 5.2.2 - Bug in child SA interface to kernel?
Ryan Ruel
ryan at ryanruel.com
Fri Mar 6 14:07:52 CET 2015
I noticed that in 5.2.2, in child_sa.c, when the hydra kernel interface is
being called (line 722), it is called as follows:
status = hydra->kernel_interface->add_sa(hydra->kernel_interface,
src, dst, spi, proto_ike2ip(this->protocol), this->reqid,
inbound ? this->mark_in : this->mark_out, tfc,
lifetime, enc_alg, encr, int_alg, integ, this->mode,
this->ipcomp, cpi, this->config->get_replay_window(this->config),
initiator, this->encap, esn, update, src_ts, dst_ts);
The 3rd to last argument to "add_sa" is the "update" flag, but the kernel
interface specifies this as the "inbound" flag.
I've written my own kernel interface and all of the SA's are coming in a
"outbound" initially, because of this.
Is this intended?
/Ryan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20150306/717a9810/attachment.html>
More information about the Dev
mailing list