RFC2367 doesn't allow update anything but state and lifetimes for SAs in
MATURE state.

Do not require presence of SADB_EXT_KEY_ENCRYPT and SADB_EXT_KEY_AUTH
in the general checks for SADB_UPDATE message. They only required for
MATURE SAs. For LARVAL SAs on the contrary these headers are not allowed.