From 71ad6a9bf02d00e51b0959c33edc1b10dc857353 Mon Sep 17 00:00:00 2001
From: Neale Ranns <nranns@cisco.com>
Date: Tue, 22 Jan 2019 06:42:23 -0800
Subject: [PATCH 1/1] AH encrypt; don't double enqueue nor emit clib_warnings
 when seq-num max exceeded

Change-Id: Id5b47f78521a0cbedf7bd2c72babfb2ffe9fa67d
Signed-off-by: Neale Ranns <nranns@cisco.com>
---
 src/vnet/ipsec/ah_encrypt.c | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/src/vnet/ipsec/ah_encrypt.c b/src/vnet/ipsec/ah_encrypt.c
index 0dc1612db5e..8b0c14f0cf3 100644
--- a/src/vnet/ipsec/ah_encrypt.c
+++ b/src/vnet/ipsec/ah_encrypt.c
@@ -125,13 +125,8 @@ ah_encrypt_inline (vlib_main_t * vm,
 
 	  if (PREDICT_FALSE (esp_seq_advance (sa0)))
 	    {
-	      clib_warning ("sequence number counter has cycled SPI %u",
-			    sa0->spi);
 	      vlib_node_increment_counter (vm, node->node_index,
 					   AH_ENCRYPT_ERROR_SEQ_CYCLED, 1);
-	      //TODO need to confirm if below is needed
-	      to_next[0] = i_bi0;
-	      to_next += 1;
 	      goto trace;
 	    }
 
-- 
2.16.6