diff options
Diffstat (limited to 'ipsec')
3 files changed, 33 insertions, 15 deletions
diff --git a/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizer.java b/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizer.java index 1822b024f..d5b41cbe1 100644 --- a/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizer.java +++ b/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizer.java @@ -103,21 +103,17 @@ public class IpsecSadEntryCustomizer extends FutureJVppCustomizer if (dataAfter.getSpi() != null) { request.entry.spi = dataAfter.getSpi().intValue(); } - request.entry.flags = IpsecSadFlags.IPSEC_API_SAD_FLAG_NONE; + request.entry.flags = new IpsecSadFlags(); if (dataAfter.getAntiReplayWindow() != null && dataAfter.getAntiReplayWindow() > 0) { - request.entry.flags = IpsecSadFlags.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY; + request.entry.flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY); } - if (dataAfter.getSaMode() != null && dataAfter.getSaMode().equals(IpsecMode.Tunnel)) { - //TODO check if flags can be set at once if (dataAfter.getSourceAddress() != null && dataAfter.getSourceAddress().getIpAddress() instanceof Ipv4Address) { - request.entry.flags = IpsecSadFlags - .forValue((request.entry.flags.value + IpsecSadFlags.IPSEC_API_SAD_FLAG_IS_TUNNEL.value)); + request.entry.flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_IS_TUNNEL); } else if (dataAfter.getSourceAddress() != null && dataAfter.getSourceAddress().getIpAddress() instanceof Ipv6Address) { - request.entry.flags = IpsecSadFlags - .forValue((request.entry.flags.value + IpsecSadFlags.IPSEC_API_SAD_FLAG_IS_TUNNEL_V6.value)); + request.entry.flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_IS_TUNNEL_V6); } } request.isAdd = adding diff --git a/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/read/IpsecStateCustomizerTest.java b/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/read/IpsecStateCustomizerTest.java index 46ebd89d8..53cbb4b3e 100644 --- a/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/read/IpsecStateCustomizerTest.java +++ b/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/read/IpsecStateCustomizerTest.java @@ -87,8 +87,9 @@ public class IpsecStateCustomizerTest extends ReaderCustomizerTest<IpsecState, I saDetail.entry.protocol = IPSEC_API_PROTO_ESP; saDetail.lastSeqInbound = LAST_SEQ_INB; saDetail.replayWindow = REPLY_WINDOW; - saDetail.entry.flags = IpsecSadFlags.forValue(IpsecSadFlags.IPSEC_API_SAD_FLAG_IS_TUNNEL.value + - IpsecSadFlags.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY.value); + saDetail.entry.flags = new IpsecSadFlags(); + saDetail.entry.flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_IS_TUNNEL); + saDetail.entry.flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY); saDetail.entry.tunnelSrc = ipv4AddressNoZoneToAddress(TUNNEL_SRC_ADDR); saDetail.entry.tunnelDst = ipv4AddressNoZoneToAddress(TUNNEL_DST_ADDR); saDetails.add(saDetail); diff --git a/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizerTest.java b/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizerTest.java index 81588fea7..9f1ef23aa 100644 --- a/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizerTest.java +++ b/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizerTest.java @@ -16,7 +16,6 @@ package io.fd.hc2vpp.ipsec.write; -import static io.fd.vpp.jvpp.core.types.IpsecSadFlags.IPSEC_API_SAD_FLAG_NONE; import static org.junit.Assert.assertEquals; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.verify; @@ -38,7 +37,6 @@ import io.fd.vpp.jvpp.core.types.IpsecIntegAlg; import io.fd.vpp.jvpp.core.types.IpsecProto; import io.fd.vpp.jvpp.core.types.IpsecSadEntry; import io.fd.vpp.jvpp.core.types.IpsecSadFlags; -import io.fd.vpp.jvpp.core.types.IpsecSpdEntry; import io.fd.vpp.jvpp.core.types.Key; import org.junit.Test; import org.junit.runner.RunWith; @@ -94,6 +92,27 @@ public class IpsecSadEntryCustomizerTest extends WriterCustomizerTest implements } @Test + public void testFlags() { + IpsecSadFlags flags = new IpsecSadFlags(); + flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_IS_TUNNEL); + flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY); + flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_USE_EXTENDED_SEQ_NUM); + + IpsecSadFlags flags2 = new IpsecSadFlags(); + flags2.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY); + flags2.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_USE_EXTENDED_SEQ_NUM); + flags2.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_IS_TUNNEL); + ; + IpsecSadFlags flags3 = new IpsecSadFlags(); + flags3.setOptionsValue(7); + + assertEquals(4, IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_IS_TUNNEL.value); + assertEquals(flags, flags2); + assertEquals(7, flags.getOptionsValue()); + assertEquals(flags, flags3); + } + + @Test public void testWrite(@InjectTestData(resourcePath = "/sadEntries/addDelSadEntry.json", id = SAD_PATH) Sad sad) throws WriteFailedException { final SadEntries data = sad.getSadEntries().get(0); @@ -108,7 +127,8 @@ public class IpsecSadEntryCustomizerTest extends WriterCustomizerTest implements request.entry.cryptoKey = new Key(); request.entry.cryptoKey.data = CRYPTO_KEY.getBytes(); request.entry.cryptoKey.length = (byte) CRYPTO_KEY.getBytes().length; - request.entry.flags = IpsecSadFlags.IPSEC_API_SAD_FLAG_IS_TUNNEL; + request.entry.flags = new IpsecSadFlags(); + request.entry.flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_IS_TUNNEL); request.entry.tunnelSrc = ipv4AddressToAddress(TNL_SRC_ADDR); request.entry.tunnelDst = ipv4AddressToAddress(TNL_DST_ADDR); @@ -177,7 +197,8 @@ public class IpsecSadEntryCustomizerTest extends WriterCustomizerTest implements request.entry.cryptoKey = new Key(); request.entry.cryptoKey.data = null; request.entry.cryptoKey.length = 0; - request.entry.flags = IpsecSadFlags.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY; + request.entry.flags = new IpsecSadFlags(); + request.entry.flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY); request.entry.tunnelSrc = ipv6AddressToAddress(Ipv6Address.getDefaultInstance("2001::11")); request.entry.tunnelDst = ipv6AddressToAddress(Ipv6Address.getDefaultInstance("2001::12")); verify(api).ipsecSadEntryAddDel(request); @@ -194,7 +215,7 @@ public class IpsecSadEntryCustomizerTest extends WriterCustomizerTest implements request.entry = new IpsecSadEntry(); request.entry.spi = SPI_1002; request.entry.sadId = SAD_ID; - request.entry.flags = IPSEC_API_SAD_FLAG_NONE; + request.entry.flags = new IpsecSadFlags(); verify(api).ipsecSadEntryAddDel(request); } |