ligang/vpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ip: Ensure reassembly runs before IPSec decrypt.

Browse Source 
Type: fix

Change-Id: I01eeedf8d5015b07b9422c65afe78bfe8177c22c
Signed-off-by: Neale Ranns <nranns@cisco.com>
This commit is contained in:
Neale Ranns
2019-07-29 14:49:52 +00:00
committed by Ole Trøan
parent 513582c96a
commit 1404698df3
4 changed files with 84 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
test/util.py
View File

@ -386,14 +386,19 @@ def fragment_rfc8200(packet, identification, fragsize, _logger=None):
fragment_ext_hdr = IPv6ExtHdrFragment()
logger.debug(ppp("Fragment header:", fragment_ext_hdr))
len_ext_and_upper_layer_payload = len(ext_and_upper_layer.payload)
if not len_ext_and_upper_layer_payload and \
hasattr(ext_and_upper_layer, "data"):
len_ext_and_upper_layer_payload = len(ext_and_upper_layer.data)
if len(per_fragment_headers) + len(fragment_ext_hdr) +\
len(ext_and_upper_layer) - len(ext_and_upper_layer.payload)\
len(ext_and_upper_layer) - len_ext_and_upper_layer_payload\
> fragsize:
raise Exception("Cannot fragment this packet - MTU too small "
"(%s, %s, %s, %s, %s)" % (
len(per_fragment_headers), len(fragment_ext_hdr),
len(ext_and_upper_layer),
len(ext_and_upper_layer.payload), fragsize))
len_ext_and_upper_layer_payload, fragsize))
orig_nh = packet[IPv6].nh
p = per_fragment_headers