X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=examples%2Fipsec-secgw%2Fipsec_process.c;h=3f9cacb8fd9588a556c6c45cd92861e79f8ab8a7;hb=17424ededb3e02eb6b39972c0b379e08a604df65;hp=e403c461aa6678b94a57fe7bee7ea1e769200655;hpb=3e5f4625dc17064e5e44d7fddaf57d9d9afb7ae4;p=dpdk.git

diff --git a/examples/ipsec-secgw/ipsec_process.c b/examples/ipsec-secgw/ipsec_process.c
index e403c461aa..3f9cacb8fd 100644
--- a/examples/ipsec-secgw/ipsec_process.c
+++ b/examples/ipsec-secgw/ipsec_process.c
@@ -217,16 +217,11 @@ ipsec_process(struct ipsec_ctx *ctx, struct ipsec_traffic *trf)
 		pg = grp + i;
 		sa = pg->id.ptr;
 
-		/* no valid SA found */
-		if (sa == NULL)
-			k = 0;
-
 		ips = &sa->ips;
-		satp = rte_ipsec_sa_type(ips->sa);
 
 		/* no valid HW session for that SA, try to create one */
-		if (ips->crypto.ses == NULL &&
-				fill_ipsec_session(ips, ctx, sa) != 0)
+		if (sa == NULL || (ips->crypto.ses == NULL &&
+				fill_ipsec_session(ips, ctx, sa) != 0))
 			k = 0;
 
 		/* process packets inline */
@@ -234,6 +229,8 @@ ipsec_process(struct ipsec_ctx *ctx, struct ipsec_traffic *trf)
 				sa->type ==
 				RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL) {
 
+			satp = rte_ipsec_sa_type(ips->sa);
+
 			/*
 			 * This is just to satisfy inbound_sa_check()
 			 * and get_hop_for_offload_pkt().