diff options
Diffstat (limited to 'src/charon/sa/child_sa.c')
| -rw-r--r-- | src/charon/sa/child_sa.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/src/charon/sa/child_sa.c b/src/charon/sa/child_sa.c index 14a0502fa..73ccffd65 100644 --- a/src/charon/sa/child_sa.c +++ b/src/charon/sa/child_sa.c @@ -776,20 +776,22 @@ static status_t update_hosts(private_child_sa_t *this, host_t *me, host_t *other, bool encap) { /* anything changed at all? */ - if (me->equals(me, this->me.addr) && other->equals(other, this->other.addr)) + if (me->equals(me, this->me.addr) && + other->equals(other, this->other.addr) && this->encap == encap) { return SUCCESS; } - /* run updown script to remove iptables rules */ updown(this, FALSE); + this->encap = encap; + /* update our (initator) SAs */ charon->kernel_interface->update_sa(charon->kernel_interface, this->me.spi, - this->protocol, this->other.addr, this->me.addr, other, me); + this->protocol, this->other.addr, this->me.addr, other, me, encap); /* update his (responder) SAs */ charon->kernel_interface->update_sa(charon->kernel_interface, this->other.spi, - this->protocol, this->me.addr, this->other.addr, me, other); + this->protocol, this->me.addr, this->other.addr, me, other, encap); /* update policies */ if (!me->ip_equals(me, this->me.addr) || |