diff options
Diffstat (limited to 'src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c')
-rw-r--r-- | src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c index 9a40927d2..6f18674fd 100644 --- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c +++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c @@ -1666,10 +1666,19 @@ METHOD(kernel_ipsec_t, add_sa, status_t, } } - if (this->socket_xfrm->send_ack(this->socket_xfrm, hdr) != SUCCESS) + status = this->socket_xfrm->send_ack(this->socket_xfrm, hdr); + if (status == NOT_FOUND && data->update) { - DBG1(DBG_KNL, "unable to add SAD entry with SPI %.8x%s", ntohl(id->spi), - markstr); + DBG1(DBG_KNL, "allocated SPI not found anymore, try to add SAD entry"); + hdr->nlmsg_type = XFRM_MSG_NEWSA; + status = this->socket_xfrm->send_ack(this->socket_xfrm, hdr); + } + + if (status != SUCCESS) + { + DBG1(DBG_KNL, "unable to add SAD entry with SPI %.8x%s (%N)", ntohl(id->spi), + markstr, status_names, status); + status = FAILED; goto failed; } |