diff options
author | Neale Ranns <neale@graphiant.com> | 2021-01-19 13:30:23 +0000 |
---|---|---|
committer | Ole Tr�an <otroan@employees.org> | 2021-01-21 10:58:39 +0000 |
commit | 03fabbd22215d306fb66c51f952480631d67c9dc (patch) | |
tree | a6de31d85d0a9ca8387d8f8172bea0fd08f98a30 /src/vnet | |
parent | 45d6d83761cd8c09c0a6430d11f70c37c3df256e (diff) |
ipsec: Honour IPSec SA table-ID over API
Type: fix
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ib08fe356e4dc710dd60a96736c48b27129f06786
Diffstat (limited to 'src/vnet')
-rw-r--r-- | src/vnet/ipsec/ipsec_api.c | 14 | ||||
-rw-r--r-- | src/vnet/ipsec/ipsec_format.c | 6 |
2 files changed, 9 insertions, 11 deletions
diff --git a/src/vnet/ipsec/ipsec_api.c b/src/vnet/ipsec/ipsec_api.c index 335996ee077..1a419e5c21a 100644 --- a/src/vnet/ipsec/ipsec_api.c +++ b/src/vnet/ipsec/ipsec_api.c @@ -454,15 +454,11 @@ static void vl_api_ipsec_sad_entry_add_del_v2_t_handler ip_address_decode (&mp->entry.tunnel_dst, &tun_dst); if (mp->is_add) - rv = ipsec_sa_add_and_lock (id, spi, proto, - crypto_alg, &crypto_key, - integ_alg, &integ_key, flags, - 0, mp->entry.salt, &tun_src, &tun_dst, - tunnel_flags, - ip_dscp_decode (mp->entry.dscp), - &sa_index, - htons (mp->entry.udp_src_port), - htons (mp->entry.udp_dst_port)); + rv = ipsec_sa_add_and_lock ( + id, spi, proto, crypto_alg, &crypto_key, integ_alg, &integ_key, flags, + htonl (mp->entry.tx_table_id), mp->entry.salt, &tun_src, &tun_dst, + tunnel_flags, ip_dscp_decode (mp->entry.dscp), &sa_index, + htons (mp->entry.udp_src_port), htons (mp->entry.udp_dst_port)); else rv = ipsec_sa_unlock_id (id); diff --git a/src/vnet/ipsec/ipsec_format.c b/src/vnet/ipsec/ipsec_format.c index 552d446aa34..909254a1dc9 100644 --- a/src/vnet/ipsec/ipsec_format.c +++ b/src/vnet/ipsec/ipsec_format.c @@ -320,8 +320,10 @@ format_ipsec_sa (u8 * s, va_list * args) if (ipsec_sa_is_set_IS_TUNNEL (sa)) { - tx_table_id = fib_table_get_table_id (sa->tx_fib_index, - FIB_PROTOCOL_IP4); + tx_table_id = fib_table_get_table_id ( + sa->tx_fib_index, + (ipsec_sa_is_set_IS_TUNNEL_V6 (sa) ? FIB_PROTOCOL_IP6 : + FIB_PROTOCOL_IP4)); s = format (s, "\n table-ID %d tunnel %U src %U dst %U flags %U", tx_table_id, format_ip_dscp, sa->dscp, |