Code Review / vpp.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 41e96bb)
ipsec: allow null cipher with dpdk esp 66/22466/2
authorChristian E. Hopps <[email protected]>
Fri, 27 Sep 2019 19:19:19 +0000 (15:19 -0400)
committerAndrew Yourtchenko <[email protected]>
Thu, 3 Oct 2019 10:07:17 +0000 (10:07 +0000)
The NULL cipher is a (valid) non-AEAD choice for ESP encrypt path.
Allow it.

Type: fix
Signed-off-by: Christian E. Hopps <[email protected]>
Change-Id: I6d8b66223a0ffb0952c2dd6fa898a8a2289fef7a
(cherry picked from commit 5a2426386d31c90e833c639332a80a8b60bfed2f)

src/plugins/dpdk/ipsec/esp_encrypt.c patch | blob | history

diff --git a/src/plugins/dpdk/ipsec/esp_encrypt.c b/src/plugins/dpdk/ipsec/esp_encrypt.c
index 4d57909..1d29841 100644 (file)
--- a/src/plugins/dpdk/ipsec/esp_encrypt.c
+++ b/src/plugins/dpdk/ipsec/esp_encrypt.c
@@ -511,7 +511,8 @@ dpdk_esp_encrypt_inline (vlib_main_t * vm,
          u64 digest_paddr =
            mb0->buf_physaddr + digest - ((u8 *) mb0->buf_addr);
 
-         if (!is_aead && cipher_alg->alg == RTE_CRYPTO_CIPHER_AES_CBC)
+         if (!is_aead && (cipher_alg->alg == RTE_CRYPTO_CIPHER_AES_CBC ||
+                          cipher_alg->alg == RTE_CRYPTO_CIPHER_NULL))
            {
              cipher_off = sizeof (esp_header_t);
              cipher_len = iv_size + pad_payload_len;
Vector Packet Processing