aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet/ip/ip.h
diff options
context:
space:
mode:
authorMatthew Smith <mgsmith@netgate.com>2018-12-21 11:53:16 -0600
committerDave Barach <openvpp@barachs.net>2019-01-02 12:21:40 +0000
commit461caa5f98202ac758076ad96b82c57251f2f19a (patch)
tree3677672c7e16f5e1d5494072028bb2503dc40027 /src/vnet/ip/ip.h
parentbe16020c5034bc69df25a8ecd7081aec9898d93c (diff)
ipsec: fix support check when using AES-GCM
When adding an IPsec SA, ipsec_check_support_cb() is called. This invokes a callback for AH and a callback for ESP to check if the algorithms are supported. When using AES-GCM on an ESP SA with the DPDK IPsec backend selected, the AH callback fails. The DPDK IPsec backend has no AH support, so the callback for the default OpenSSL backend is invoked. This checks whether the crypto algorithm is AES-GCM and returns failure. Only invoke the callback to check support for the IPsec protocol of the SA - either AH or ESP rather than doing both. Change-Id: Ic10be6a17b580d06ffb7e82ef5866e53a4f8b525 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Diffstat (limited to 'src/vnet/ip/ip.h')
0 files changed, 0 insertions, 0 deletions