From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 9 Feb 2018 07:48:07 +0000 (+0100)
Subject: ike-mobike: Don't trigger update for NAT mapping change detected during an address... 
X-Git-Tag: 5.6.2rc1~15^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=044b0f048b1278a1145a2d3863762a0c1bc46f23;p=thirdparty%2Fstrongswan.git

ike-mobike: Don't trigger update for NAT mapping change detected during an address update

This is really only needed for other exchanges like DPDs not when we
just updated the addresses. The NAT-D payloads are only used here to
detect whether UDP encapsulation has to be enabled/disabled.
---

diff --git a/src/libcharon/sa/ikev2/tasks/ike_mobike.c b/src/libcharon/sa/ikev2/tasks/ike_mobike.c
index 59b55918d3..fe41a1cacf 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_mobike.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_mobike.c
@@ -574,7 +574,7 @@ METHOD(task_t, process_i, status_t,
 		if (this->natd)
 		{
 			this->natd->task.process(&this->natd->task, message);
-			if (this->natd->has_mapping_changed(this->natd))
+			if (!this->update && this->natd->has_mapping_changed(this->natd))
 			{
 				/* force an update if mappings have changed */
 				this->update = this->check = TRUE;