ike-mobike: Force MOBIKE update after NAT mappings changed

The addresses observed by the client behind the NAT are exactly the same if
the NAT router gets restarted.

Fixes: 2b255f01afbc ("ike-mobike: Use ike_sa_t::update_hosts() to trigger events")

diff --git a/src/libcharon/sa/ikev2/tasks/ike_mobike.c b/src/libcharon/sa/ikev2/tasks/ike_mobike.c
index b9ba92cd8904364eb79c2b0bf32b3d212189fa96..283ffd082abd05d3cba97b1fe7edadb292bbc501 100644 (file)
--- a/src/libcharon/sa/ikev2/tasks/ike_mobike.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_mobike.c
@@ -499,6 +499,8 @@ METHOD(task_t, process_i, status_t,
        }
        else if (message->get_exchange_type(message) == INFORMATIONAL)
        {
+               bool force = FALSE;
+
                if (is_newer_update_queued(this))
                {
                        return SUCCESS;
@@ -533,6 +535,7 @@ METHOD(task_t, process_i, status_t,
                        }
                        else if (this->natd->has_mapping_changed(this->natd))
                        {       /* force a check/update if mappings have changed during a DPD */
+                               force = TRUE;
                                this->check = TRUE;
                                DBG1(DBG_IKE, "detected changes in NAT mappings, "
                                         "initiating MOBIKE update");
@@ -553,7 +556,7 @@ METHOD(task_t, process_i, status_t,
                        {
                                other_new = other;
                        }
-                       if (me_new || other_new)
+                       if (me_new || other_new || force)
                        {
                                this->ike_sa->update_hosts(this->ike_sa, me_new, other_new,
                                                                                   UPDATE_HOSTS_FORCE_ALL);