aboutsummaryrefslogtreecommitdiffstats
path: root/resources/libraries/python/IPsecUtil.py
diff options
context:
space:
mode:
authorJan Gelety <jgelety@cisco.com>2019-12-12 23:32:05 +0100
committerJan Gelety <jgelety@cisco.com>2020-03-10 14:25:37 +0000
commitdcbf9830d56b711787e310c2eb742803d27fbf58 (patch)
treecab664556b67861805e7901df40daee4df5ceae3 /resources/libraries/python/IPsecUtil.py
parent70382073b3af97f398d6dd81b5cf5e451644ff1f (diff)
CSIT-1597 API cleanup: ipsec
- cover API changes in VPP: https://gerrit.fd.io/r/c/vpp/+/25529 - update vpp stable to version 20.05-rc0~312-g287d5e109 Change-Id: I6c7b3520f4bb306c3b0b59247b4ba2d5f170686c Signed-off-by: Jan Gelety <jgelety@cisco.com>
Diffstat (limited to 'resources/libraries/python/IPsecUtil.py')
-rw-r--r--resources/libraries/python/IPsecUtil.py32
1 files changed, 16 insertions, 16 deletions
diff --git a/resources/libraries/python/IPsecUtil.py b/resources/libraries/python/IPsecUtil.py
index e8fdad3901..7cbfea1545 100644
--- a/resources/libraries/python/IPsecUtil.py
+++ b/resources/libraries/python/IPsecUtil.py
@@ -83,8 +83,8 @@ class IntegAlg(Enum):
class IPsecProto(IntEnum):
"""IPsec protocol."""
- ESP = 1
- SEC_AH = 0
+ IPSEC_API_PROTO_ESP = 50
+ IPSEC_API_PROTO_AH = 51
class IPsecSadFlags(IntEnum):
@@ -229,7 +229,7 @@ class IPsecUtil:
:returns: IPsecProto enum ESP object.
:rtype: IPsecProto
"""
- return int(IPsecProto.ESP)
+ return int(IPsecProto.IPSEC_API_PROTO_ESP)
@staticmethod
def ipsec_proto_ah():
@@ -238,7 +238,7 @@ class IPsecUtil:
:returns: IPsecProto enum AH object.
:rtype: IPsecProto
"""
- return int(IPsecProto.SEC_AH)
+ return int(IPsecProto.IPSEC_API_PROTO_AH)
@staticmethod
def vpp_ipsec_select_backend(node, protocol, index=1):
@@ -327,10 +327,10 @@ class IPsecUtil:
flags=flags,
tunnel_src=str(src_addr),
tunnel_dst=str(dst_addr),
- protocol=int(IPsecProto.ESP)
+ protocol=int(IPsecProto.IPSEC_API_PROTO_ESP)
)
args = dict(
- is_add=1,
+ is_add=True,
entry=sad_entry
)
with PapiSocketExecutor(node) as papi_exec:
@@ -436,10 +436,10 @@ class IPsecUtil:
flags=flags,
tunnel_src=str(src_addr),
tunnel_dst=str(dst_addr),
- protocol=int(IPsecProto.ESP)
+ protocol=int(IPsecProto.IPSEC_API_PROTO_ESP)
)
args = dict(
- is_add=1,
+ is_add=True,
entry=sad_entry
)
with PapiSocketExecutor(node) as papi_exec:
@@ -547,7 +547,7 @@ class IPsecUtil:
err_msg = f"Failed to add Security Policy Database " \
f"on host {node[u'host']}"
args = dict(
- is_add=1,
+ is_add=True,
spd_id=int(spd_id)
)
with PapiSocketExecutor(node) as papi_exec:
@@ -568,7 +568,7 @@ class IPsecUtil:
err_msg = f"Failed to add interface {interface} to Security Policy " \
f"Database {spd_id} on host {node[u'host']}"
args = dict(
- is_add=1,
+ is_add=True,
sw_if_index=InterfaceUtil.get_interface_index(node, interface),
spd_id=int(spd_id)
)
@@ -628,7 +628,7 @@ class IPsecUtil:
spd_entry = dict(
spd_id=int(spd_id),
priority=int(priority),
- is_outbound=0 if inbound else 1,
+ is_outbound=not inbound,
sa_id=int(sa_id) if sa_id else 0,
policy=action.policy_int_repr,
protocol=int(proto) if proto else 0,
@@ -654,7 +654,7 @@ class IPsecUtil:
else 65535
)
args = dict(
- is_add=1,
+ is_add=True,
entry=spd_entry
)
with PapiSocketExecutor(node) as papi_exec:
@@ -718,7 +718,7 @@ class IPsecUtil:
spd_entry = dict(
spd_id=int(spd_id),
priority=int(priority),
- is_outbound=0 if inbound else 1,
+ is_outbound=not inbound,
sa_id=int(sa_id) if sa_id else 0,
policy=IPsecUtil.policy_action_protect().policy_int_repr,
protocol=0,
@@ -736,7 +736,7 @@ class IPsecUtil:
local_port_stop=65535
)
args = dict(
- is_add=1,
+ is_add=True,
entry=spd_entry
)
@@ -966,7 +966,7 @@ class IPsecUtil:
)
cmd2 = u"ipsec_tunnel_if_add_del"
args2 = dict(
- is_add=1,
+ is_add=True,
local_ip=None,
remote_ip=None,
local_spi=0,
@@ -1077,7 +1077,7 @@ class IPsecUtil:
# Configure IPsec tunnel interfaces
cmd2 = u"ipsec_tunnel_if_add_del"
args2 = dict(
- is_add=1,
+ is_add=True,
local_ip=IPUtil.create_ip_address_object(if2_ip),
remote_ip=None,
local_spi=0,