ha: Always install the CHILD_SAs with the inbound flag set to FALSE

The inbound flag is used to determine if we have to install an update or a new
SA in the kernel. As we do not have allocated SPIs and therefore can't update
an existing SA in the HA plugin, always set the flag to FALSE.

Before 698ed656 we had extra logic for that case, but handling it directly in
the HA plugin is simpler.

diff --git a/src/libcharon/plugins/ha/ha_dispatcher.c b/src/libcharon/plugins/ha/ha_dispatcher.c
index 983f9d8fc188c2f12981599cf801bf6cc4677571..81132b492903af0ce41a7bde384366b071f72f20 100644 (file)
--- a/src/libcharon/plugins/ha/ha_dispatcher.c
+++ b/src/libcharon/plugins/ha/ha_dispatcher.c
@@ -792,7 +792,7 @@ static void process_child_add(private_ha_dispatcher_t *this,
        if (initiator)
        {
                if (child_sa->install(child_sa, encr_r, integ_r, inbound_spi,
-                                                         inbound_cpi, initiator, TRUE, TRUE,
+                                                         inbound_cpi, initiator, FALSE, TRUE,
                                                          local_ts, remote_ts) != SUCCESS ||
                        child_sa->install(child_sa, encr_i, integ_i, outbound_spi,
                                                          outbound_cpi, initiator, FALSE, TRUE,
@@ -804,7 +804,7 @@ static void process_child_add(private_ha_dispatcher_t *this,
        else
        {
                if (child_sa->install(child_sa, encr_i, integ_i, inbound_spi,
-                                                         inbound_cpi, initiator, TRUE, TRUE,
+                                                         inbound_cpi, initiator, FALSE, TRUE,
                                                          local_ts, remote_ts) != SUCCESS ||
                        child_sa->install(child_sa, encr_r, integ_r, outbound_spi,
                                                          outbound_cpi, initiator, FALSE, TRUE,