ipsec: separate UDP and UDP-encapsulated ESP packet processing - vpp

diff options

author	vinay tripathi <vinayx.tripathi@intel.com>	2023-06-06 12:57:55 +0530
committer	vinay Tripathi <vinayx.tripathi@intel.com>	2023-10-31 11:41:54 +0000
commit	2d7988d719d1f3cab9ac4a0762786c4b07443671 (patch)
tree	8b149e722029f810d6ae860662b765519186b82c /src/vnet/ipsec/esp.h
parent	bc5f5305997e3b8f624b64bcc2d68687f31d515a (diff)

ipsec: separate UDP and UDP-encapsulated ESP packet processing

This fix differentiates UDP and UDP-encapsulated ESP packets processing. While UDP-encapsulated ESP traffic is processed as IPsec traffic, UDP as other plain-text protocols is NOT dispatched against SPD policies. Key logic is taken from RFC 3948, and is based on the fact that the checksum of UDP packet encapsulating ESP packet must be zero. Type: fix Signed-off-by: vinay tripathi <vinayx.tripathi@intel.com> Change-Id: Ib1b4d240eea8e89f2daf17ec833905f26cdb31bd

Diffstat (limited to 'src/vnet/ipsec/esp.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: