diff options
| author |   Neale Ranns <nranns@cisco.com> | 2019-07-10 13:46:21 +0000 |
|---|---|---|
| committer |   Damjan Marion <dmarion@me.com> | 2019-07-11 17:21:02 +0000 |
| commit | a4d2431594e492c3243f97881fb3ba66e3b4fd76 (patch) | |
| tree | c9321c65ebda0dfb18348ec95c83d178487ba874 /src/vnet/ipsec/ipsec_output.c | |
| parent | d2029bc9c5947a8a676208bada9386e07ec16c97 (diff) | |
ipsec: Revert "IPSEC: remove byte swap operations in DP during SPD classify"
Type: fix
Fixes: 231c4696872cb344f28648949603840136c0795d
This reverts commit 231c4696872cb344f28648949603840136c0795d.
Change-Id: I136344555983dd10a31dbc000ee40e2de2c91291
Signed-off-by: Neale Ranns <nranns@cisco.com>
Diffstat (limited to 'src/vnet/ipsec/ipsec_output.c')
| -rw-r--r-- | src/vnet/ipsec/ipsec_output.c | 25 |
1 files changed, 16 insertions, 9 deletions
diff --git a/src/vnet/ipsec/ipsec_output.c b/src/vnet/ipsec/ipsec_output.c index 25a427f6ad6..2ba965a3ae8 100644 --- a/src/vnet/ipsec/ipsec_output.c +++ b/src/vnet/ipsec/ipsec_output.c @@ -82,16 +82,16 @@ ipsec_output_policy_match (ipsec_spd_t * spd, u8 pr, u32 la, u32 ra, u16 lp, if (PREDICT_FALSE (p->protocol && (p->protocol != pr))) continue; - if (ra < p->raddr.start.ip4.as_u32) + if (ra < clib_net_to_host_u32 (p->raddr.start.ip4.as_u32)) continue; - if (ra > p->raddr.stop.ip4.as_u32) + if (ra > clib_net_to_host_u32 (p->raddr.stop.ip4.as_u32)) continue; - if (la < p->laddr.start.ip4.as_u32) + if (la < clib_net_to_host_u32 (p->laddr.start.ip4.as_u32)) continue; - if (la > p->laddr.stop.ip4.as_u32) + if (la > clib_net_to_host_u32 (p->laddr.stop.ip4.as_u32)) continue; if (PREDICT_FALSE @@ -246,8 +246,10 @@ ipsec_output_inline (vlib_main_t * vm, vlib_node_runtime_t * node, p0 = ipsec6_output_policy_match (spd0, &ip6_0->src_address, &ip6_0->dst_address, - udp0->src_port, - udp0->dst_port, ip6_0->protocol); + clib_net_to_host_u16 + (udp0->src_port), + clib_net_to_host_u16 + (udp0->dst_port), ip6_0->protocol); } else { @@ -263,9 +265,14 @@ ipsec_output_inline (vlib_main_t * vm, vlib_node_runtime_t * node, #endif p0 = ipsec_output_policy_match (spd0, ip0->protocol, - ip0->src_address.as_u32, - ip0->dst_address.as_u32, - udp0->src_port, udp0->dst_port); + clib_net_to_host_u32 + (ip0->src_address.as_u32), + clib_net_to_host_u32 + (ip0->dst_address.as_u32), + clib_net_to_host_u16 + (udp0->src_port), + clib_net_to_host_u16 + (udp0->dst_port)); } tcp0 = (void *) udp0; |