diff options
-rw-r--r-- | src/plugins/dpdk/ipsec/esp_decrypt.c | 16 | ||||
-rw-r--r-- | src/plugins/dpdk/ipsec/esp_encrypt.c | 3 |
2 files changed, 9 insertions, 10 deletions
diff --git a/src/plugins/dpdk/ipsec/esp_decrypt.c b/src/plugins/dpdk/ipsec/esp_decrypt.c index 315251694ba..ae35ab5aaae 100644 --- a/src/plugins/dpdk/ipsec/esp_decrypt.c +++ b/src/plugins/dpdk/ipsec/esp_decrypt.c @@ -616,16 +616,14 @@ dpdk_esp_decrypt_post_inline (vlib_main_t * vm, if ((ih4->ip_version_and_header_length & 0xF0) == 0x40) { u16 ih4_len = ip4_header_bytes (ih4); - vlib_buffer_advance (b0, -ih4_len - udp_encap_adv); + vlib_buffer_advance (b0, -ih4_len); next0 = ESP_DECRYPT_NEXT_IP4_INPUT; - if (!ipsec_sa_is_set_UDP_ENCAP (sa0)) - { - oh4 = vlib_buffer_get_current (b0); - memmove (oh4, ih4, ih4_len); - oh4->protocol = f0->next_header; - oh4->length = clib_host_to_net_u16 (b0->current_length); - oh4->checksum = ip4_header_checksum (oh4); - } + + oh4 = vlib_buffer_get_current (b0); + memmove (oh4, ih4, ih4_len); + oh4->protocol = f0->next_header; + oh4->length = clib_host_to_net_u16 (b0->current_length); + oh4->checksum = ip4_header_checksum (oh4); } else if ((ih4->ip_version_and_header_length & 0xF0) == 0x60) { diff --git a/src/plugins/dpdk/ipsec/esp_encrypt.c b/src/plugins/dpdk/ipsec/esp_encrypt.c index c024f97e1e2..73f2081152d 100644 --- a/src/plugins/dpdk/ipsec/esp_encrypt.c +++ b/src/plugins/dpdk/ipsec/esp_encrypt.c @@ -428,6 +428,7 @@ dpdk_esp_encrypt_inline (vlib_main_t * vm, u8 *src = ((u8 *) ih0) - rewrite_len; u8 *dst = vlib_buffer_get_current (b0); oh0 = vlib_buffer_get_current (b0) + rewrite_len; + ouh0 = vlib_buffer_get_current (b0) + rewrite_len; if (is_ip6) { @@ -577,7 +578,7 @@ dpdk_esp_encrypt_inline (vlib_main_t * vm, tr->crypto_alg = sa0->crypto_alg; tr->integ_alg = sa0->integ_alg; u8 *p = vlib_buffer_get_current (b0); - if (!ipsec_sa_is_set_IS_TUNNEL (sa0)) + if (!ipsec_sa_is_set_IS_TUNNEL (sa0) && !is_tun) p += vnet_buffer (b0)->ip.save_rewrite_length; clib_memcpy_fast (tr->packet_data, p, sizeof (tr->packet_data)); } |