From cd25d291f7fce92d1fe21f86c798bcb77f84b2f6 Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 10 Oct 2013 15:41:29 +0200
Subject: kernel-libipsec: Don't ignore policies of type != POLICY_IPSEC

This actually broke rekeying due to the DROP policies that are
temporarily added, which broke the refcount as the ignored policies
were not ignored in del_policy() (the type is not known there).
---
 src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c | 5 -----
 1 file changed, 5 deletions(-)

(limited to 'src/libcharon/plugins/kernel_libipsec')

diff --git a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c
index 8458cd1cf..d0744e300 100644
--- a/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c
+++ b/src/libcharon/plugins/kernel_libipsec/kernel_libipsec_ipsec.c
@@ -523,11 +523,6 @@ METHOD(kernel_ipsec_t, add_policy, status_t,
 	policy_entry_t *policy, *found = NULL;
 	status_t status;
 
-	if (type != POLICY_IPSEC)
-	{
-		return SUCCESS;
-	}
-
 	status = ipsec->policies->add_policy(ipsec->policies, src, dst, src_ts,
 								dst_ts, direction, type, sa, mark, priority);
 	if (status != SUCCESS)
-- 
cgit v1.2.3