From c158331bfc0c39c3ea548ebd83545ae46d074482 Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 11 Mar 2016 19:17:03 +0100
Subject: kernel-pfkey: Use interface to next hop for shunt policies

---
 src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c')

diff --git a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
index d54a96eb5..82abc76fa 100644
--- a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
+++ b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
@@ -2329,14 +2329,15 @@ static bool install_route(private_kernel_pfkey_ipsec_t *this,
 	{	/* for shunt policies */
 		route->gateway = charon->kernel->get_nexthop(charon->kernel,
 											policy->src.net, policy->src.mask,
-											route->src_ip, NULL);
+											route->src_ip, &route->if_name);
 
 		/* we don't have a source address, use the address we found */
 		src = route->src_ip;
 	}
 
 	/* get interface for route, using source address */
-	if (!charon->kernel->get_interface(charon->kernel, src, &route->if_name))
+	if (!route->if_name &&
+		!charon->kernel->get_interface(charon->kernel, src, &route->if_name))
 	{
 		route_entry_destroy(route);
 		return FALSE;
-- 
cgit v1.2.3