diff options
author | Neale Ranns <nranns@cisco.com> | 2019-03-20 14:10:23 +0000 |
---|---|---|
committer | Damjan Marion <dmarion@me.com> | 2019-03-20 17:23:41 +0000 |
commit | c80cc9ab84d7d94c6043054726ce401cea998bab (patch) | |
tree | d64893dc7eb165accd932e0425b5cfbdafbe06a1 | |
parent | b966e8bfdd3c63e2436ab6e5d250c8b1bf4dd102 (diff) |
IPSEC: Tunnel SA not deleted
p is overwritten by hash_unset so an incorrect value is passed to
ipsec_sa_del
Change-Id: I97300dd4421c62d7cfa47b8e7e9789becb2370e9
Signed-off-by: Neale Ranns <nranns@cisco.com>
-rw-r--r-- | src/vnet/ipsec/ipsec_if.c | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/src/vnet/ipsec/ipsec_if.c b/src/vnet/ipsec/ipsec_if.c index 33cac4c3cbd..7a44456efb6 100644 --- a/src/vnet/ipsec/ipsec_if.c +++ b/src/vnet/ipsec/ipsec_if.c @@ -382,11 +382,14 @@ ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm, } else { + u32 ti; + /* check if exists */ if (!p) return VNET_API_ERROR_INVALID_VALUE; - t = pool_elt_at_index (im->tunnel_interfaces, p[0]); + ti = p[0]; + t = pool_elt_at_index (im->tunnel_interfaces, ti); hi = vnet_get_hw_interface (vnm, t->hw_if_index); vnet_sw_interface_set_flags (vnm, hi->sw_if_index, 0); /* admin down */ @@ -401,8 +404,8 @@ ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm, pool_put (im->tunnel_interfaces, t); /* delete input and output SA */ - ipsec_sa_del (ipsec_tun_mk_input_sa_id (p[0])); - ipsec_sa_del (ipsec_tun_mk_output_sa_id (p[0])); + ipsec_sa_del (ipsec_tun_mk_input_sa_id (ti)); + ipsec_sa_del (ipsec_tun_mk_output_sa_id (ti)); } if (sw_if_index) |