diff options
author | Jan Gelety <jgelety@cisco.com> | 2019-12-12 23:32:05 +0100 |
---|---|---|
committer | Jan Gelety <jgelety@cisco.com> | 2020-03-10 14:25:37 +0000 |
commit | dcbf9830d56b711787e310c2eb742803d27fbf58 (patch) | |
tree | cab664556b67861805e7901df40daee4df5ceae3 | |
parent | 70382073b3af97f398d6dd81b5cf5e451644ff1f (diff) |
CSIT-1597 API cleanup: ipsec
- cover API changes in VPP: https://gerrit.fd.io/r/c/vpp/+/25529
- update vpp stable to version 20.05-rc0~312-g287d5e109
Change-Id: I6c7b3520f4bb306c3b0b59247b4ba2d5f170686c
Signed-off-by: Jan Gelety <jgelety@cisco.com>
-rw-r--r-- | VPP_STABLE_VER_CENTOS | 2 | ||||
-rw-r--r-- | VPP_STABLE_VER_UBUNTU_BIONIC | 2 | ||||
-rw-r--r-- | resources/api/vpp/supported_crcs.yaml | 251 | ||||
-rw-r--r-- | resources/libraries/python/IPsecUtil.py | 32 |
4 files changed, 20 insertions, 267 deletions
diff --git a/VPP_STABLE_VER_CENTOS b/VPP_STABLE_VER_CENTOS index 438df80251..c3588aaeb7 100644 --- a/VPP_STABLE_VER_CENTOS +++ b/VPP_STABLE_VER_CENTOS @@ -1 +1 @@ -20.05-rc0~307_g145e330~b9028 +20.05-rc0~312_g287d5e1~b9033 diff --git a/VPP_STABLE_VER_UBUNTU_BIONIC b/VPP_STABLE_VER_UBUNTU_BIONIC index d00c866a85..6f8642546b 100644 --- a/VPP_STABLE_VER_UBUNTU_BIONIC +++ b/VPP_STABLE_VER_UBUNTU_BIONIC @@ -1 +1 @@ -20.05-rc0~307-g145e330f0 +20.05-rc0~312-g287d5e109 diff --git a/resources/api/vpp/supported_crcs.yaml b/resources/api/vpp/supported_crcs.yaml index 2f439c6543..2014cd3205 100644 --- a/resources/api/vpp/supported_crcs.yaml +++ b/resources/api/vpp/supported_crcs.yaml @@ -30,255 +30,8 @@ # Use bash command "env LC_COLLATE=C sort -u" if not clear. # https://logs.fd.io/production/vex-yul-rot-jenkins-1 -# /vpp-merge-master-ubuntu1804/802/ -20.05-rc0~307: - acl_add_replace: '0x13bc8539' # dev - acl_add_replace_reply: '0xac407b0c' # dev - acl_details: '0xf89d7a88' # perf teardown - acl_dump: '0xef34fea4' # perf teardown - acl_interface_list_details: '0xd5e80809' # perf teardown - acl_interface_list_dump: '0x529cb13f' # perf teardown - acl_interface_set_acl_list: '0x8baece38' # perf - acl_interface_set_acl_list_reply: '0xe8d4e804' # perf - # 6x^ tc01-64B-1c-ethip4udp-ip4base-iacl1sf-10kflows-mrr - # tc01-64B-1c-ethip4udp-ip4base-iacl1sl-10kflows-mrr - # ^^ ip4fwdANDiaclANDacl10AND100_flows - avf_create: '0xdaab8ae2' # dev - avf_create_reply: '0x5383d31f' # dev - bond_create: '0x48883c7e' # perf - bond_create_reply: '0x5383d31f' # perf - bond_enslave: '0x076ecfa7' # perf - bond_enslave_reply: '0xe8d4e804' # perf - # 4x^ tc01-64B-1c-1lbvpplacp-dot1q-l2xcbase-eth-2vhostvr1024-1vm-mrr - # ^ l2xcfwdANDlbond_1lANDnf_testpmd - bridge_domain_add_del: '0x600b7170' # dev - bridge_domain_add_del_reply: '0xe8d4e804' # dev - # bridge_domain_dump / details # honeycomb - classify_add_del_session: '0xf20879f0' # dev - classify_add_del_session_reply: '0xe8d4e804' # dev - classify_add_del_table: '0x6849e39e' # dev - classify_add_del_table_reply: '0x05486349' # dev - # classify_session_dump / details # honeycomb - # classify_table_by_interface / reply # honeycomb - # classify_table_info / reply # honeycomb - cli_inband: '0xf8377302' # dev setup - cli_inband_reply: '0x05879051' # dev setup - cop_interface_enable_disable: '0x5501adee' # dev - cop_interface_enable_disable_reply: '0xe8d4e804' # dev - cop_whitelist_enable_disable: '0xdebe13ea' # dev - cop_whitelist_enable_disable_reply: '0xe8d4e804' # dev - create_loopback: '0x42bb5d22' # dev - create_loopback_reply: '0x5383d31f' # dev - create_subif: '0xcb371063' # perf - create_subif_reply: '0x5383d31f' # perf - # ^^ tc01-64B-1c-dot1ad-l2xcbase-mrr - # ^ 3n: dot1adANDl2xcfwd - create_vhost_user_if: '0x591ee951' # dev - create_vhost_user_if_reply: '0x5383d31f' # dev - create_vlan_subif: '0xaf34ac8b' # dev - create_vlan_subif_reply: '0x5383d31f' # dev - # dhcp_proxy_dump / details # honeycomb - gbp_bridge_domain_add: '0x8454bfdf' # dev - gbp_bridge_domain_add_reply: '0xe8d4e804' # dev - gbp_contract_add_del: '0x553e275b' # dev - gbp_contract_add_del_reply: '0x1992deab' # dev - gbp_endpoint_add: '0x9ce16d5a' # dev - gbp_endpoint_add_reply: '0x1dd3ff3e' # dev - gbp_endpoint_group_add: '0x8e0f4054' # dev - gbp_endpoint_group_add_reply: '0xe8d4e804' # dev - gbp_ext_itf_add_del: '0x12ed5700' # dev - gbp_ext_itf_add_del_reply: '0xe8d4e804' # dev - gbp_route_domain_add: '0x2d0afe38' # dev - gbp_route_domain_add_reply: '0xe8d4e804' # dev - gbp_subnet_add_del: '0x888aca35' # dev - gbp_subnet_add_del_reply: '0xe8d4e804' # dev - gpe_enable_disable: '0xeb0e943b' # dev - gpe_enable_disable_reply: '0xe8d4e804' # dev - # gre_tunnel_add_del / reply # unused L1 keyword: create_gre_tunnel_interface - hw_interface_set_mtu: '0xe6746899' # dev - hw_interface_set_mtu_reply: '0xe8d4e804' # dev - input_acl_set_interface: '0xde7ad708' # dev - input_acl_set_interface_reply: '0xe8d4e804' # dev - ip_address_details: '0xb1199745' # dev - ip_address_dump: '0x2d033de4' # dev - ip_neighbor_add_del: '0x105518b6' # dev - ip_neighbor_add_del_reply: '0x1992deab' # dev - # ip_probe_neighbor / reply # unused L1 keyword vpp_ip_probe - ip_route_add_del: '0xc1ff832d' # dev - ip_route_add_del_reply: '0x1992deab' # dev - # ip_source_check_interface_add_del / reply # unused L1 keyword vpp_ip_source_check_setup - ip_table_add_del: '0x0ffdaec0' # dev - ip_table_add_del_reply: '0xe8d4e804' # dev - ipsec_interface_add_del_spd: '0x1e3b8286' # dev - ipsec_interface_add_del_spd_reply: '0xe8d4e804' # dev - ipsec_sad_entry_add_del: '0xa25ab61e' # dev - ipsec_sad_entry_add_del_reply: '0x9ffac24b' # dev - ipsec_select_backend: '0x4fd24836' # perf - ipsec_select_backend_reply: '0xe8d4e804' # perf - # ^^ tc01-64B-1c-ethip4ipsec1tnlhw-ip4base-int-aes256gcm-mrr - # ^ nic_intel-xl710ANDipsechwANDipsecintANDtnl_1ANDaes_256_gcm - ipsec_spd_add_del: '0x9ffdf5da' # dev - ipsec_spd_add_del_reply: '0xe8d4e804' # dev - ipsec_spd_entry_add_del: '0xdb217840' # dev - ipsec_spd_entry_add_del_reply: '0x9ffac24b' # dev - ipsec_tunnel_if_add_del: '0xd5a98274' # perf - ipsec_tunnel_if_add_del_reply: '0xfda5941f' # perf - # ^^ tc01-64B-1c-ethip4ipsec1tnlsw-ip4base-int-aes256gcm-mrr - # ^ See select_backend. - # l2_fib_table_dump / details # honeycomb - l2_interface_vlan_tag_rewrite: '0x62cc0bbc' # dev - l2_interface_vlan_tag_rewrite_reply: '0xe8d4e804' # dev - l2_patch_add_del: '0x522f3445' # dev - l2_patch_add_del_reply: '0xe8d4e804' # dev - # l2fib_add_del / reply # unused L1 keyword: vpp_add_l2fib_entry - lb_conf: '0x22ddb739' # perf - lb_conf_reply: '0xe8d4e804' # perf - lb_add_del_vip: '0xd15b7ddc' # perf - lb_add_del_vip_reply: '0xe8d4e804' # perf - lb_add_del_as: '0x78628987' # perf - lb_add_del_as_reply: '0xe8d4e804' # perf - lb_add_del_intf_nat4: '0x47d6e753' # perf - lb_add_del_intf_nat4_reply: '0xe8d4e804' # perf - # 8x^ tc01-64B-1c-ethip4-loadbalancer-nat4 - # ^ 2n: loadbalancer_nat4 - lisp_add_del_adjacency: '0xf047390d' # dev - lisp_add_del_adjacency_reply: '0xe8d4e804' # dev - lisp_add_del_local_eid: '0xe6d00717' # dev - lisp_add_del_local_eid_reply: '0xe8d4e804' # dev - lisp_add_del_locator: '0x006a4240' # dev - lisp_add_del_locator_reply: '0xe8d4e804' # dev - lisp_add_del_locator_set: '0x06968e38' # dev - lisp_add_del_locator_set_reply: '0xb6666db4' # dev - # lisp_add_del_map_resolver / reply # unused L2 keyword: Configure LISP map resolver address - lisp_add_del_remote_mapping: '0xb879c3a9' # dev - lisp_add_del_remote_mapping_reply: '0xe8d4e804' # dev - lisp_eid_table_add_del_map: '0x59e9975e' # perf - lisp_eid_table_add_del_map_reply: '0xe8d4e804' # perf - # ^^ tc01-64B-1c-ethip4ipsectptlispgpe-ip4base-aes128cbc-hmac256sha-ndrpdr # currently failing before calls - # ^ ipsecANDlispgpe - # lisp_eid_table_dump / details # unused L2 keyword: LISP eid address should be set correctly to eid table - lisp_enable_disable: '0xeb0e943b' # dev - lisp_enable_disable_reply: '0xe8d4e804' # dev - # lisp_locator_set_dump / details # unused L2 keyword: LISP locator_set shpuld be configured correctly - # lisp_map_server_dump / details # honeycomb - # lisp_map_resolver_dump / details # unused L2 keyword: LISP map resolver address should be configured correctly - macip_acl_add: '0x0c680ca5' # perf - macip_acl_add_reply: '0xac407b0c' # perf - macip_acl_details: '0xe164e69a' # perf teardown - macip_acl_dump: '0xef34fea4' # perf teardown - macip_acl_interface_add_del: '0x6a6be97c' # perf - macip_acl_interface_add_del_reply: '0xe8d4e804' # perf - macip_acl_interface_get: '0x51077d14' # perf teardown - macip_acl_interface_get_reply: '0xaccf9b05' # perf teardown - # 8x^ tc01-64B-1c-eth-l2bdbasemaclrn-macip-iacl1sl-100flows-mrr - # ^ macipANDacl1AND100_flows - memif_create: '0xb1b25061' # dev - memif_create_reply: '0x5383d31f' # dev - memif_details: '0xd0382c4c' # dev - memif_dump: '0x51077d14' # dev - memif_socket_filename_add_del: '0xa2ce1a10' # dev - memif_socket_filename_add_del_reply: '0xe8d4e804' # dev - nat44_interface_add_del_feature: '0xf3699b83' # perf - nat44_interface_add_del_feature_reply: '0xe8d4e804' # perf - nat_det_add_del_map: '0x112fde05' # perf - nat_det_add_del_map_reply: '0xe8d4e804' # perf - nat_show_config: '0x51077d14' # perf teardown - nat_show_config_reply: '0x006a0786' # perf teardown - # 6x^ tc01-64B-1c-ethip4udp-ip4base-nat44-mrr - # ^ nat44NOTscaleNOTsrc_user_1 - nsim_configure: '0x16ed400f' # perf - nsim_configure_reply: '0xe8d4e804' # perf - nsim_output_feature_enable_disable: '0x3865946c' # perf - nsim_output_feature_enable_disable_reply: '0xe8d4e804' # perf - # 4x^ tc01-9000B-1c-eth-ip4tcp-nsim-ldpreload-iperf3-bps - # ^ 3n: nsimAND1stream - policer_add_del: '0xdfea2be8' # dev - policer_add_del_reply: '0xa177cef2' # dev - policer_classify_set_interface: '0xde7ad708' # dev - policer_classify_set_interface_reply: '0xe8d4e804' # dev - # 4x^ tc01-64B-ethip4-ip4base-ipolicemarkbase-dev - rdma_create: '0x076fe418' # perf - rdma_create_reply: '0x5383d31f' # perf - # 2x^ Any test with drv_rdma. Currently only available on 2n-clx. - # - Not testable by devicetest (until we have environment with right NICs). - # show_lisp_map_register_state / reply # honeycomb - # show_lisp_map_request_mode / reply # honeycomb - # show_lisp_pitr / reply # honeycomb - # show_lisp_rloc_probe_state / reply # honeycomb - # show_lisp_status / reply # unused L2 keywords: LISP should be enabled / disabled - # show_lisp_use_petr / reply # honeycomb - show_threads: '0x51077d14' # dev - show_threads_reply: '0xf5e0b66f' # dev - show_version: '0x51077d14' # dev setup - show_version_reply: '0xc919bde1' # dev setup - sr_localsid_add_del: '0xb30489eb' # perf - sr_localsid_add_del_reply: '0xe8d4e804' # perf - sr_localsids_details: '0x0791babc' # perf teardown - sr_localsids_dump: '0x51077d14' # perf teardown - sr_policies_details: '0x5087f460' # perf teardown - sr_policies_dump: '0x51077d14' # perf teardown - sr_policy_add: '0x4b6e2484' # perf - sr_policy_add_reply: '0xe8d4e804' # perf - sr_set_encap_source: '0xd05bb4de' # perf - sr_set_encap_source_reply: '0xe8d4e804' # perf - sr_steering_add_del: '0x28b5dcab' # perf - sr_steering_add_del_reply: '0xe8d4e804' # perf - sr_steering_pol_details: '0x5627d483' # perf teardown - sr_steering_pol_dump: '0x51077d14' # perf teardown - # 14x^ tc01-78B-1c-ethip6ip6-ip6base-srv6enc1sid-mrr - # ^ srv6_1sid - sw_interface_add_del_address: '0x5803d5c4' # dev - sw_interface_add_del_address_reply: '0xe8d4e804' # dev - sw_interface_bond_details: '0xf5ef2106' # perf - sw_interface_bond_dump: '0x51077d14' # perf - # ^^ see bond_* - sw_interface_details: '0x17b69fa2' # dev setup - sw_interface_dump: '0xaa610c27' # dev setup - # sw_interface_get_table / reply # honeycomb - sw_interface_ip6nd_ra_config: '0x3eb00b1c' # dev - sw_interface_ip6nd_ra_config_reply: '0xe8d4e804' # dev - sw_interface_set_mac_address: '0x6aca746a' # perf - sw_interface_set_mac_address_reply: '0xe8d4e804' # perf - sw_interface_rx_placement_details: '0xf6d7d024' # perf - sw_interface_rx_placement_dump: '0xf9e6675e' # perf - # ^^ tc01-64B-1c-dot1q-l2bdbasemaclrn-eth-2memif-1dcr-mrr - # ^ dot1qANDl2bdmaclrnANDbaseANDmemif - sw_interface_set_flags: '0x6a2b491a' # dev - sw_interface_set_flags_reply: '0xe8d4e804' # dev - sw_interface_set_l2_bridge: '0x2e483cd0' # dev - sw_interface_set_l2_bridge_reply: '0xe8d4e804' # dev - sw_interface_set_l2_xconnect: '0x1aaa2dbb' # dev - sw_interface_set_l2_xconnect_reply: '0xe8d4e804' # dev - sw_interface_set_rx_placement: '0xdb65f3c9' # perf - sw_interface_set_rx_placement_reply: '0xe8d4e804' # perf - # ^^ see tc01-64B-1c-dot1q-l2bdbasemaclrn-eth-2memif-1dcr-mrr above - sw_interface_set_table: '0xdf42a577' # dev - sw_interface_set_table_reply: '0xe8d4e804' # dev - sw_interface_set_unnumbered: '0x938ef33b' # perf - sw_interface_set_unnumbered_reply: '0xe8d4e804' # perf - # ^^ see ipsec_tunnel_if_add_del - sw_interface_set_vxlan_bypass: '0xe74ca095' # dev - sw_interface_set_vxlan_bypass_reply: '0xe8d4e804' # dev - sw_interface_slave_details: '0x3c4a0e23' # perf - sw_interface_slave_dump: '0xf9e6675e' # perf - # ^^ see bond_* - # sw_interface_span_dump / details # honeycomb - sw_interface_tap_v2_dump: '0xf9e6675e' # dev - sw_interface_tap_v2_details: '0xe53c16de' # dev - sw_interface_vhost_user_details: '0x98530df1' # dev - sw_interface_vhost_user_dump: '0xf9e6675e' # dev - tap_create_v2: '0x445835fd' # dev - tap_create_v2_reply: '0x5383d31f' # dev - vxlan_add_del_tunnel: '0x00f4bdd0' # dev - vxlan_add_del_tunnel_reply: '0xfda5941f' # dev - # vxlan_gpe_tunnel_dump / details # honeycomb - # vxlan_tunnel_dump /details # unused L2 keyword: Get VXLAN dump -# Please keep alphabetic order. -# Use bash command "env LC_COLLATE=C sort -u" if not clear. - - -# https://gerrit.fd.io/r/c/vpp/+/25529 -25529/2: +# /vpp-merge-master-ubuntu1804/807/ +20.01-rc0~312: acl_add_replace: '0x13bc8539' # dev acl_add_replace_reply: '0xac407b0c' # dev acl_details: '0xf89d7a88' # perf teardown diff --git a/resources/libraries/python/IPsecUtil.py b/resources/libraries/python/IPsecUtil.py index e8fdad3901..7cbfea1545 100644 --- a/resources/libraries/python/IPsecUtil.py +++ b/resources/libraries/python/IPsecUtil.py @@ -83,8 +83,8 @@ class IntegAlg(Enum): class IPsecProto(IntEnum): """IPsec protocol.""" - ESP = 1 - SEC_AH = 0 + IPSEC_API_PROTO_ESP = 50 + IPSEC_API_PROTO_AH = 51 class IPsecSadFlags(IntEnum): @@ -229,7 +229,7 @@ class IPsecUtil: :returns: IPsecProto enum ESP object. :rtype: IPsecProto """ - return int(IPsecProto.ESP) + return int(IPsecProto.IPSEC_API_PROTO_ESP) @staticmethod def ipsec_proto_ah(): @@ -238,7 +238,7 @@ class IPsecUtil: :returns: IPsecProto enum AH object. :rtype: IPsecProto """ - return int(IPsecProto.SEC_AH) + return int(IPsecProto.IPSEC_API_PROTO_AH) @staticmethod def vpp_ipsec_select_backend(node, protocol, index=1): @@ -327,10 +327,10 @@ class IPsecUtil: flags=flags, tunnel_src=str(src_addr), tunnel_dst=str(dst_addr), - protocol=int(IPsecProto.ESP) + protocol=int(IPsecProto.IPSEC_API_PROTO_ESP) ) args = dict( - is_add=1, + is_add=True, entry=sad_entry ) with PapiSocketExecutor(node) as papi_exec: @@ -436,10 +436,10 @@ class IPsecUtil: flags=flags, tunnel_src=str(src_addr), tunnel_dst=str(dst_addr), - protocol=int(IPsecProto.ESP) + protocol=int(IPsecProto.IPSEC_API_PROTO_ESP) ) args = dict( - is_add=1, + is_add=True, entry=sad_entry ) with PapiSocketExecutor(node) as papi_exec: @@ -547,7 +547,7 @@ class IPsecUtil: err_msg = f"Failed to add Security Policy Database " \ f"on host {node[u'host']}" args = dict( - is_add=1, + is_add=True, spd_id=int(spd_id) ) with PapiSocketExecutor(node) as papi_exec: @@ -568,7 +568,7 @@ class IPsecUtil: err_msg = f"Failed to add interface {interface} to Security Policy " \ f"Database {spd_id} on host {node[u'host']}" args = dict( - is_add=1, + is_add=True, sw_if_index=InterfaceUtil.get_interface_index(node, interface), spd_id=int(spd_id) ) @@ -628,7 +628,7 @@ class IPsecUtil: spd_entry = dict( spd_id=int(spd_id), priority=int(priority), - is_outbound=0 if inbound else 1, + is_outbound=not inbound, sa_id=int(sa_id) if sa_id else 0, policy=action.policy_int_repr, protocol=int(proto) if proto else 0, @@ -654,7 +654,7 @@ class IPsecUtil: else 65535 ) args = dict( - is_add=1, + is_add=True, entry=spd_entry ) with PapiSocketExecutor(node) as papi_exec: @@ -718,7 +718,7 @@ class IPsecUtil: spd_entry = dict( spd_id=int(spd_id), priority=int(priority), - is_outbound=0 if inbound else 1, + is_outbound=not inbound, sa_id=int(sa_id) if sa_id else 0, policy=IPsecUtil.policy_action_protect().policy_int_repr, protocol=0, @@ -736,7 +736,7 @@ class IPsecUtil: local_port_stop=65535 ) args = dict( - is_add=1, + is_add=True, entry=spd_entry ) @@ -966,7 +966,7 @@ class IPsecUtil: ) cmd2 = u"ipsec_tunnel_if_add_del" args2 = dict( - is_add=1, + is_add=True, local_ip=None, remote_ip=None, local_spi=0, @@ -1077,7 +1077,7 @@ class IPsecUtil: # Configure IPsec tunnel interfaces cmd2 = u"ipsec_tunnel_if_add_del" args2 = dict( - is_add=1, + is_add=True, local_ip=IPUtil.create_ip_address_object(if2_ip), remote_ip=None, local_spi=0, |