diff options
author | Neale Ranns <nranns@cisco.com> | 2019-07-10 07:10:25 +0000 |
---|---|---|
committer | Neale Ranns <nranns@cisco.com> | 2019-07-12 07:38:47 +0000 |
commit | 719beb709818b70a1fd65f3c2a625d955678ceb6 (patch) | |
tree | 02eb5efe0452f9ed87523827784cdf385131c695 /src/vnet/ipsec/ipsec_tun_in.c | |
parent | 6d72c175edbb7654a643a86411f6f95aae16d10d (diff) |
ip ipsec: Remove IPSec SPI-0 punt reason
Type: fix
There's no call for an SPI-0 punt reason with UDP encap, since
it's only with UDP encap that the ambiguity between IKE or IPSEC
occurs (and SPI=0 determines IKE).
Enhance the punt API to dum ponly the reason requested, so a client
can use this as a get-ID API
Change-Id: I5c6d72b03885e88c489117677e72f1ef5da90dfc
Signed-off-by: Neale Ranns <nranns@cisco.com>
Diffstat (limited to 'src/vnet/ipsec/ipsec_tun_in.c')
-rw-r--r-- | src/vnet/ipsec/ipsec_tun_in.c | 15 |
1 files changed, 4 insertions, 11 deletions
diff --git a/src/vnet/ipsec/ipsec_tun_in.c b/src/vnet/ipsec/ipsec_tun_in.c index 2ce1691b242..df6d9278303 100644 --- a/src/vnet/ipsec/ipsec_tun_in.c +++ b/src/vnet/ipsec/ipsec_tun_in.c @@ -85,7 +85,7 @@ ipsec_ip4_if_no_tunnel (vlib_node_runtime_t * node, b->error = node->errors[IPSEC_TUN_PROTECT_INPUT_ERROR_SPI_0]; b->punt_reason = ipsec_punt_reason[(ip4->protocol == IP_PROTOCOL_UDP ? IPSEC_PUNT_IP4_SPI_UDP_0 : - IPSEC_PUNT_IP4_SPI_0)]; + IPSEC_PUNT_IP4_NO_SUCH_TUNNEL)]; } else { @@ -99,16 +99,9 @@ always_inline u16 ipsec_ip6_if_no_tunnel (vlib_node_runtime_t * node, vlib_buffer_t * b, const esp_header_t * esp) { - if (PREDICT_FALSE (0 == esp->spi)) - { - b->error = node->errors[IPSEC_TUN_PROTECT_INPUT_ERROR_NO_TUNNEL]; - b->punt_reason = ipsec_punt_reason[IPSEC_PUNT_IP6_SPI_0]; - } - else - { - b->error = node->errors[IPSEC_TUN_PROTECT_INPUT_ERROR_NO_TUNNEL]; - b->punt_reason = ipsec_punt_reason[IPSEC_PUNT_IP6_NO_SUCH_TUNNEL]; - } + b->error = node->errors[IPSEC_TUN_PROTECT_INPUT_ERROR_NO_TUNNEL]; + b->punt_reason = ipsec_punt_reason[IPSEC_PUNT_IP6_NO_SUCH_TUNNEL]; + return (IPSEC_INPUT_NEXT_PUNT); } |