[Openswan dev] feedback desired: Forcing CK_PERMANENT to CK_TEMPLATE - new option?
Paul Wouters
paul at xelerance.com
Tue Aug 10 20:37:18 EDT 2010
On Tue, 10 Aug 2010, Paul Wouters wrote:
> Thinking about it some more, we can probably deduce this, as we know
> there is a "vnet:" structure used, so in pluto's add_connection()
> we should be able to check for this and set c->kind = CK_TEMPLATE
> without needing a new option.
I ended up using this in add_connection:
diff --git a/programs/pluto/connections.c b/programs/pluto/connections.c
index f9711e5..e4ca5d4 100644
--- a/programs/pluto/connections.c
+++ b/programs/pluto/connections.c
@@ -1401,6 +1401,13 @@ add_connection(const struct whack_message *wm)
* or wildcard ID */
c->kind = CK_TEMPLATE;
}
+
+ else if ((c->spd.that.virt != NULL) || (c->spd.this.virt != NULL))
+ {
+ /* If we have a subnet=vnet:, instantiate so we can accept multiple subnets from the remote peer */
+ DBG(DBG_CONTROL, DBG_log("virt was set (via vnet=?), the connection is a template"));
+ c->kind = CK_TEMPLATE;
+ }
else
{
c->kind = CK_PERMANENT;
More information about the Dev
mailing list