Fix IPsec intf tx node setup at intf creation
When using a DPDK cryptodev with IPsec, sending outbound
packets results in a crash on division by zero if using an
algorithm not supported by the OpenSSL ESP nodes. This
includes AES-GCM and MD5.
At IPsec intf creation time, the next node at slot
IPSEC_OUTPUT_NEXT_ESP_ENCRYPT for ipsec_if_tx_node_fn is
set to the node named esp-encrypt. This is the OpenSSL
ESP encrypt function. If DPDK cryptodevs are configured,
dpdk-esp-encrypt is the correct next node.
Change to setting the next node according to the value in
ipsec_main.esp_encrypt_node_index. That value is set to
esp-encrypt by default. If DPDK cryptodevs are configured
it gets set to dpdk-esp-encrypt.
Change-Id: I83896c76b975d74aead247a162c85eccca9575a8
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Code Review / vpp.git / commit