ha: Ignore per-CPU CHILD_SAs

These only work on initiators (with trap policies), which is something
the plugin doesn't support.

diff --git a/src/libcharon/plugins/ha/ha_child.c b/src/libcharon/plugins/ha/ha_child.c
index 9d8fca9eb464c571b57296835251b34d4b05230f..ee33850049442daaee1057c4abe136dd60a753fd 100644 (file)
--- a/src/libcharon/plugins/ha/ha_child.c
+++ b/src/libcharon/plugins/ha/ha_child.c
@@ -66,6 +66,10 @@ METHOD(listener_t, child_keys, bool,
        {       /* do not sync SA between nodes */
                return TRUE;
        }
+       if (child_sa->use_per_cpu(child_sa))
+       {       /* ignore per-CPU SAs */
+               return TRUE;
+       }
 
        m = ha_message_create(HA_CHILD_ADD);
 
@@ -167,7 +171,10 @@ METHOD(listener_t, child_state_change, bool,
        {       /* do not sync SA between nodes */
                return TRUE;
        }
-
+       if (child_sa->use_per_cpu(child_sa))
+       {       /* ignore per-CPU SAs */
+               return TRUE;
+       }
 
        if (state == CHILD_DESTROYING)
        {