summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/plugins/wireguard/wireguard_input.c15
-rw-r--r--src/plugins/wireguard/wireguard_noise.h20
2 files changed, 21 insertions, 14 deletions
diff --git a/src/plugins/wireguard/wireguard_input.c b/src/plugins/wireguard/wireguard_input.c
index ba5a1d679e2..7db1a0ccfec 100644
--- a/src/plugins/wireguard/wireguard_input.c
+++ b/src/plugins/wireguard/wireguard_input.c
@@ -902,10 +902,17 @@ wg_input_post (vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
last_rec_idx = data->receiver_index;
}
- ASSERT (peer != NULL); /* this pointer never should be NULL */
- if (PREDICT_FALSE (wg_input_post_process (vm, b[0], next, peer, data,
- &is_keepalive) < 0))
- goto trace;
+ if (PREDICT_TRUE (peer != NULL))
+ {
+ if (PREDICT_FALSE (wg_input_post_process (vm, b[0], next, peer, data,
+ &is_keepalive) < 0))
+ goto trace;
+ }
+ else
+ {
+ next[0] = WG_INPUT_NEXT_PUNT;
+ goto trace;
+ }
if (PREDICT_FALSE (peer_idx && (last_peer_time_idx != peer_idx)))
{
diff --git a/src/plugins/wireguard/wireguard_noise.h b/src/plugins/wireguard/wireguard_noise.h
index b436120dd8c..e95211b8884 100644
--- a/src/plugins/wireguard/wireguard_noise.h
+++ b/src/plugins/wireguard/wireguard_noise.h
@@ -199,22 +199,22 @@ noise_remote_encrypt (vlib_main_t * vm, noise_remote_t *,
static_always_inline noise_keypair_t *
wg_get_active_keypair (noise_remote_t *r, uint32_t r_idx)
{
- if (r->r_current != NULL)
+ if (r->r_current != NULL && r->r_current->kp_local_index == r_idx)
{
- if (r->r_current->kp_local_index == r_idx)
- return r->r_current;
+ return r->r_current;
}
- if (r->r_previous != NULL)
+ else if (r->r_previous != NULL && r->r_previous->kp_local_index == r_idx)
{
- if (r->r_previous->kp_local_index == r_idx)
- return r->r_previous;
+ return r->r_previous;
}
- if (r->r_next != NULL)
+ else if (r->r_next != NULL && r->r_next->kp_local_index == r_idx)
{
- if (r->r_next->kp_local_index == r_idx)
- return r->r_next;
+ return r->r_next;
+ }
+ else
+ {
+ return NULL;
}
- return NULL;
}
inline bool