diff mbox

'ip' command should allow creation of an IPsec SA with 'proto any' and specified sport and dport as selectors

Message ID 200904241515.6341@centrum.cz
State Not Applicable, archived
Delegated to: David Miller
Headers show

Commit Message

Jiri Klimes April 24, 2009, 1:15 p.m. UTC
diff mbox

Patch

--- a/ip/ipxfrm.c
+++ b/ip/ipxfrm.c
@@ -1156,6 +1156,7 @@  static int xfrm_selector_upspec_parse(struct xfrm_selector *sel,
                case IPPROTO_UDP:
                case IPPROTO_SCTP:
                case IPPROTO_DCCP:
+               case IPPROTO_IP:  /* to allow shared SA for different protocols */
                        break;
                default:
                        fprintf(stderr, "\"sport\" and \"dport\" are invalid with proto=%s\n", strxf_proto(sel->proto));