diff options
author | Szymon Sliwa <szs@semihalf.com> | 2018-03-19 15:14:31 +0000 |
---|---|---|
committer | Damjan Marion <dmarion.lists@gmail.com> | 2018-04-18 05:18:30 +0000 |
commit | 8640dbdb7292d8d206aab3a90551d93798c9c50c (patch) | |
tree | 4d78aa516c758e462579c3d0131135aa172754f0 /src/vnet/ipsec | |
parent | 07a38572caa2c2d2d8658420a7c3df8e7f9d0e74 (diff) |
Fix the ip header offset counting in vnet/ipsec
IP header is set as data + sizeof(ethernet_header_t),
what does not need to be true. The solution is to use
l3_hdr_offset.
Change-Id: I5d9f41599ba8d8eb14ce2d9d523f82ea6e0fd10d
Signed-off-by: Szymon Sliwa <szs@semihalf.com>
Diffstat (limited to 'src/vnet/ipsec')
-rw-r--r-- | src/vnet/ipsec/esp_decrypt.c | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/src/vnet/ipsec/esp_decrypt.c b/src/vnet/ipsec/esp_decrypt.c index a769e6bd51a..62b12dbbdf6 100644 --- a/src/vnet/ipsec/esp_decrypt.c +++ b/src/vnet/ipsec/esp_decrypt.c @@ -268,9 +268,10 @@ esp_decrypt_node_fn (vlib_main_t * vm, if (PREDICT_FALSE (!sa0->is_tunnel && !sa0->is_tunnel_ip6)) { tunnel_mode = 0; + ih4 = - (ip4_header_t *) (i_b0->data + - sizeof (ethernet_header_t)); + (ip4_header_t *) ((u8 *) i_b0->data + + vnet_buffer (i_b0)->l3_hdr_offset); if (PREDICT_TRUE ((ih4->ip_version_and_header_length & 0xF0) != 0x40)) { @@ -280,9 +281,7 @@ esp_decrypt_node_fn (vlib_main_t * vm, { transport_ip6 = 1; ip_hdr_size = sizeof (ip6_header_t); - ih6 = - (ip6_header_t *) (i_b0->data + - sizeof (ethernet_header_t)); + ih6 = (ip6_header_t *) ih4; oh6 = vlib_buffer_get_current (o_b0); } else |