mirror of
https://github.com/strongswan/strongswan.git
synced 2025-10-17 00:00:59 -04:00
kernel-libipsec: Don't ignore policies of type != POLICY_IPSEC
This actually broke rekeying due to the DROP policies that are temporarily added, which broke the refcount as the ignored policies were not ignored in del_policy() (the type is not known there).
This commit is contained in:
parent
eeb34af069
commit
cd25d291f7
@ -523,11 +523,6 @@ METHOD(kernel_ipsec_t, add_policy, status_t,
|
|||||||
policy_entry_t *policy, *found = NULL;
|
policy_entry_t *policy, *found = NULL;
|
||||||
status_t status;
|
status_t status;
|
||||||
|
|
||||||
if (type != POLICY_IPSEC)
|
|
||||||
{
|
|
||||||
return SUCCESS;
|
|
||||||
}
|
|
||||||
|
|
||||||
status = ipsec->policies->add_policy(ipsec->policies, src, dst, src_ts,
|
status = ipsec->policies->add_policy(ipsec->policies, src, dst, src_ts,
|
||||||
dst_ts, direction, type, sa, mark, priority);
|
dst_ts, direction, type, sa, mark, priority);
|
||||||
if (status != SUCCESS)
|
if (status != SUCCESS)
|
||||||
|
Loading…
x
Reference in New Issue
Block a user