dpdk: fix udp-encap for esp in transport mode

Now UDP encapsulation doesn't work in transport mode because:
 - the encrypt node misses filling of UDP header and it gets sent with
   all zeros;
 - the decrypt node misses filling of new IP header and it contains
   garbage data.

With this commit, fill UDP header during encryption and fill IP header
during decryption.

Change-Id: I87a7bd594f0e312b16d3e5eb19e568b4e3164d36
Type: fix
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
(cherry picked from commit 82fc98fa4578dbbfb156effb11dea6a4e2d0b898)

1 files changed, 7 insertions, 9 deletions

diff --git a/src/plugins/dpdk/ipsec/esp_decrypt.c b/src/plugins/dpdk/ipsec/esp_decrypt.c
index 112b96a12bd..f874694d086 100644
--- a/src/plugins/dpdk/ipsec/esp_decrypt.c
+++ b/src/plugins/dpdk/ipsec/esp_decrypt.c
@@ -613,16 +613,14 @@ dpdk_esp_decrypt_post_inline (vlib_main_t * vm,
 	      if ((ih4->ip_version_and_header_length & 0xF0) == 0x40)
 		{
 		  u16 ih4_len = ip4_header_bytes (ih4);
-		  vlib_buffer_advance (b0, -ih4_len - udp_encap_adv);
+		  vlib_buffer_advance (b0, -ih4_len);
 		  next0 = ESP_DECRYPT_NEXT_IP4_INPUT;
-		  if (!ipsec_sa_is_set_UDP_ENCAP (sa0))
-		    {
-		      oh4 = vlib_buffer_get_current (b0);
-		      memmove (oh4, ih4, ih4_len);
-		      oh4->protocol = f0->next_header;
-		      oh4->length = clib_host_to_net_u16 (b0->current_length);
-		      oh4->checksum = ip4_header_checksum (oh4);
-		    }
+
+		  oh4 = vlib_buffer_get_current (b0);
+		  memmove (oh4, ih4, ih4_len);
+		  oh4->protocol = f0->next_header;
+		  oh4->length = clib_host_to_net_u16 (b0->current_length);
+		  oh4->checksum = ip4_header_checksum (oh4);
 		}
 	      else if ((ih4->ip_version_and_header_length & 0xF0) == 0x60)
 		{