From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 11 Mar 2016 18:17:03 +0000 (+0100)
Subject: kernel-pfkey: Use interface to next hop for shunt policies
X-Git-Tag: 5.5.0dr1~29^2~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c158331bfc0c39c3ea548ebd83545ae46d074482;p=thirdparty%2Fstrongswan.git

kernel-pfkey: Use interface to next hop for shunt policies
---

diff --git a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
index d54a96eb50..82abc76fae 100644
--- a/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
+++ b/src/libcharon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
@@ -2329,14 +2329,15 @@ static bool install_route(private_kernel_pfkey_ipsec_t *this,
 	{	/* for shunt policies */
 		route->gateway = charon->kernel->get_nexthop(charon->kernel,
 											policy->src.net, policy->src.mask,
-											route->src_ip, NULL);
+											route->src_ip, &route->if_name);
 
 		/* we don't have a source address, use the address we found */
 		src = route->src_ip;
 	}
 
 	/* get interface for route, using source address */
-	if (!charon->kernel->get_interface(charon->kernel, src, &route->if_name))
+	if (!route->if_name &&
+		!charon->kernel->get_interface(charon->kernel, src, &route->if_name))
 	{
 		route_entry_destroy(route);
 		return FALSE;