summaryrefslogtreecommitdiffstats
path: root/src/vnet/ipsec
diff options
context:
space:
mode:
authorNeale Ranns <nranns@cisco.com>2019-03-20 14:10:23 +0000
committerDamjan Marion <dmarion@me.com>2019-03-20 17:23:41 +0000
commitc80cc9ab84d7d94c6043054726ce401cea998bab (patch)
treed64893dc7eb165accd932e0425b5cfbdafbe06a1 /src/vnet/ipsec
parentb966e8bfdd3c63e2436ab6e5d250c8b1bf4dd102 (diff)
IPSEC: Tunnel SA not deleted
p is overwritten by hash_unset so an incorrect value is passed to ipsec_sa_del Change-Id: I97300dd4421c62d7cfa47b8e7e9789becb2370e9 Signed-off-by: Neale Ranns <nranns@cisco.com>
Diffstat (limited to 'src/vnet/ipsec')
-rw-r--r--src/vnet/ipsec/ipsec_if.c9
1 files changed, 6 insertions, 3 deletions
diff --git a/src/vnet/ipsec/ipsec_if.c b/src/vnet/ipsec/ipsec_if.c
index 33cac4c3cbd..7a44456efb6 100644
--- a/src/vnet/ipsec/ipsec_if.c
+++ b/src/vnet/ipsec/ipsec_if.c
@@ -382,11 +382,14 @@ ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm,
}
else
{
+ u32 ti;
+
/* check if exists */
if (!p)
return VNET_API_ERROR_INVALID_VALUE;
- t = pool_elt_at_index (im->tunnel_interfaces, p[0]);
+ ti = p[0];
+ t = pool_elt_at_index (im->tunnel_interfaces, ti);
hi = vnet_get_hw_interface (vnm, t->hw_if_index);
vnet_sw_interface_set_flags (vnm, hi->sw_if_index, 0); /* admin down */
@@ -401,8 +404,8 @@ ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm,
pool_put (im->tunnel_interfaces, t);
/* delete input and output SA */
- ipsec_sa_del (ipsec_tun_mk_input_sa_id (p[0]));
- ipsec_sa_del (ipsec_tun_mk_output_sa_id (p[0]));
+ ipsec_sa_del (ipsec_tun_mk_input_sa_id (ti));
+ ipsec_sa_del (ipsec_tun_mk_output_sa_id (ti));
}
if (sw_if_index)