From 42a392049b8bd287722b0ceb8df3d42b53b2a4a5 Mon Sep 17 00:00:00 2001
From: herstin <47746491+18724012900@users.noreply.github.com>
Date: Thu, 10 Feb 2022 17:45:21 +0800
Subject: [PATCH] Update ikev2.c

In function 'ikev2_node_internal', the offsets of IKE0, UDP, and IP headers in the non-NATT branch are resolved incorrectly. As a result, Ikev2 process will consider that the packet has BAD Length and therefore discard the packet.
---
 src/plugins/ikev2/ikev2.c | 31 +++++++++++++++----------------
 1 file changed, 15 insertions(+), 16 deletions(-)

diff --git a/src/plugins/ikev2/ikev2.c b/src/plugins/ikev2/ikev2.c
index b5211047242f..e96596994e6e 100644
--- a/src/plugins/ikev2/ikev2.c
+++ b/src/plugins/ikev2/ikev2.c
@@ -2977,22 +2977,21 @@ ikev2_node_internal (vlib_main_t *vm, vlib_node_runtime_t *node,
       else
 	{
 	  u8 *ipx_hdr = b0->data + vnet_buffer (b0)->l3_hdr_offset;
-	  ike0 = vlib_buffer_get_current (b0);
-	  vlib_buffer_advance (b0, -sizeof (*udp0));
-	  udp0 = vlib_buffer_get_current (b0);
-
-	  if (is_ip4)
-	    {
-	      ip40 = (ip4_header_t *) ipx_hdr;
-	      ip_hdr_sz = sizeof (*ip40);
-	    }
-	  else
-	    {
-	      ip60 = (ip6_header_t *) ipx_hdr;
-	      ip_hdr_sz = sizeof (*ip60);
-	    }
-	  vlib_buffer_advance (b0, -ip_hdr_sz);
-	}
+          if (is_ip4)
+	  {
+	    ip40 = (ip4_header_t *) ipx_hdr;
+	    ip_hdr_sz = sizeof (*ip40);
+	    udp0 = (udp_header_t*)(ip40 + 1);
+	    ike0 = (ike_header_t*)(udp0 + 1);
+	  }
+          else
+	  {
+	    ip60 = (ip6_header_t *) ipx_hdr;
+	    ip_hdr_sz = sizeof (*ip60);
+	    udp0 = (udp_header_t*)(ip60 + 1);
+	    ike0 = (ike_header_t*)(udp0 + 1);
+	  }
+      }
 
       rlen = b0->current_length - ip_hdr_sz - sizeof (*udp0);