diff options
Diffstat (limited to 'src/vnet/ipsec')
-rw-r--r-- | src/vnet/ipsec/ipsec_if_in.c | 16 | ||||
-rw-r--r-- | src/vnet/ipsec/ipsec_punt.h | 2 | ||||
-rw-r--r-- | src/vnet/ipsec/ipsec_tun_in.c | 15 |
3 files changed, 9 insertions, 24 deletions
diff --git a/src/vnet/ipsec/ipsec_if_in.c b/src/vnet/ipsec/ipsec_if_in.c index d1f9d5c3ad3..4e93725b97c 100644 --- a/src/vnet/ipsec/ipsec_if_in.c +++ b/src/vnet/ipsec/ipsec_if_in.c @@ -74,7 +74,8 @@ ipsec_ip4_if_no_tunnel (vlib_node_runtime_t * node, b->error = node->errors[IPSEC_IF_INPUT_ERROR_SPI_0]; b->punt_reason = ipsec_punt_reason[(ip4->protocol == IP_PROTOCOL_UDP ? - IPSEC_PUNT_IP4_SPI_UDP_0 : IPSEC_PUNT_IP4_SPI_0)]; + IPSEC_PUNT_IP4_SPI_UDP_0 : + IPSEC_PUNT_IP4_NO_SUCH_TUNNEL)]; } else { @@ -90,16 +91,9 @@ ipsec_ip6_if_no_tunnel (vlib_node_runtime_t * node, vlib_buffer_t * b, const esp_header_t * esp, u16 offset) { - if (PREDICT_FALSE (0 == esp->spi)) - { - b->error = node->errors[IPSEC_IF_INPUT_ERROR_NO_TUNNEL]; - b->punt_reason = ipsec_punt_reason[IPSEC_PUNT_IP6_SPI_0]; - } - else - { - b->error = node->errors[IPSEC_IF_INPUT_ERROR_NO_TUNNEL]; - b->punt_reason = ipsec_punt_reason[IPSEC_PUNT_IP6_NO_SUCH_TUNNEL]; - } + b->error = node->errors[IPSEC_IF_INPUT_ERROR_NO_TUNNEL]; + b->punt_reason = ipsec_punt_reason[IPSEC_PUNT_IP6_NO_SUCH_TUNNEL]; + vlib_buffer_advance (b, -offset); return (IPSEC_INPUT_NEXT_PUNT); } diff --git a/src/vnet/ipsec/ipsec_punt.h b/src/vnet/ipsec/ipsec_punt.h index 4400ec9b4d2..f95e1da9133 100644 --- a/src/vnet/ipsec/ipsec_punt.h +++ b/src/vnet/ipsec/ipsec_punt.h @@ -18,8 +18,6 @@ #include <vlib/vlib.h> #define foreach_ipsec_punt_reason \ - _(IP4_SPI_0, "ipsec4-spi-0") \ - _(IP6_SPI_0, "ipsec6-spi-0") \ _(IP4_SPI_UDP_0, "ipsec4-spi-o-udp-0") \ _(IP4_NO_SUCH_TUNNEL, "ipsec4-no-such-tunnel") \ _(IP6_NO_SUCH_TUNNEL, "ipsec6-no-such-tunnel") diff --git a/src/vnet/ipsec/ipsec_tun_in.c b/src/vnet/ipsec/ipsec_tun_in.c index 2ce1691b242..df6d9278303 100644 --- a/src/vnet/ipsec/ipsec_tun_in.c +++ b/src/vnet/ipsec/ipsec_tun_in.c @@ -85,7 +85,7 @@ ipsec_ip4_if_no_tunnel (vlib_node_runtime_t * node, b->error = node->errors[IPSEC_TUN_PROTECT_INPUT_ERROR_SPI_0]; b->punt_reason = ipsec_punt_reason[(ip4->protocol == IP_PROTOCOL_UDP ? IPSEC_PUNT_IP4_SPI_UDP_0 : - IPSEC_PUNT_IP4_SPI_0)]; + IPSEC_PUNT_IP4_NO_SUCH_TUNNEL)]; } else { @@ -99,16 +99,9 @@ always_inline u16 ipsec_ip6_if_no_tunnel (vlib_node_runtime_t * node, vlib_buffer_t * b, const esp_header_t * esp) { - if (PREDICT_FALSE (0 == esp->spi)) - { - b->error = node->errors[IPSEC_TUN_PROTECT_INPUT_ERROR_NO_TUNNEL]; - b->punt_reason = ipsec_punt_reason[IPSEC_PUNT_IP6_SPI_0]; - } - else - { - b->error = node->errors[IPSEC_TUN_PROTECT_INPUT_ERROR_NO_TUNNEL]; - b->punt_reason = ipsec_punt_reason[IPSEC_PUNT_IP6_NO_SUCH_TUNNEL]; - } + b->error = node->errors[IPSEC_TUN_PROTECT_INPUT_ERROR_NO_TUNNEL]; + b->punt_reason = ipsec_punt_reason[IPSEC_PUNT_IP6_NO_SUCH_TUNNEL]; + return (IPSEC_INPUT_NEXT_PUNT); } |