summaryrefslogtreecommitdiffstats
path: root/ipsec
diff options
context:
space:
mode:
Diffstat (limited to 'ipsec')
-rw-r--r--ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizer.java12
-rw-r--r--ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/read/IpsecStateCustomizerTest.java5
-rw-r--r--ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizerTest.java31
3 files changed, 33 insertions, 15 deletions
diff --git a/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizer.java b/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizer.java
index 1822b024f..d5b41cbe1 100644
--- a/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizer.java
+++ b/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizer.java
@@ -103,21 +103,17 @@ public class IpsecSadEntryCustomizer extends FutureJVppCustomizer
if (dataAfter.getSpi() != null) {
request.entry.spi = dataAfter.getSpi().intValue();
}
- request.entry.flags = IpsecSadFlags.IPSEC_API_SAD_FLAG_NONE;
+ request.entry.flags = new IpsecSadFlags();
if (dataAfter.getAntiReplayWindow() != null && dataAfter.getAntiReplayWindow() > 0) {
- request.entry.flags = IpsecSadFlags.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY;
+ request.entry.flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY);
}
-
if (dataAfter.getSaMode() != null && dataAfter.getSaMode().equals(IpsecMode.Tunnel)) {
- //TODO check if flags can be set at once
if (dataAfter.getSourceAddress() != null &&
dataAfter.getSourceAddress().getIpAddress() instanceof Ipv4Address) {
- request.entry.flags = IpsecSadFlags
- .forValue((request.entry.flags.value + IpsecSadFlags.IPSEC_API_SAD_FLAG_IS_TUNNEL.value));
+ request.entry.flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_IS_TUNNEL);
} else if (dataAfter.getSourceAddress() != null &&
dataAfter.getSourceAddress().getIpAddress() instanceof Ipv6Address) {
- request.entry.flags = IpsecSadFlags
- .forValue((request.entry.flags.value + IpsecSadFlags.IPSEC_API_SAD_FLAG_IS_TUNNEL_V6.value));
+ request.entry.flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_IS_TUNNEL_V6);
}
}
request.isAdd = adding
diff --git a/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/read/IpsecStateCustomizerTest.java b/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/read/IpsecStateCustomizerTest.java
index 46ebd89d8..53cbb4b3e 100644
--- a/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/read/IpsecStateCustomizerTest.java
+++ b/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/read/IpsecStateCustomizerTest.java
@@ -87,8 +87,9 @@ public class IpsecStateCustomizerTest extends ReaderCustomizerTest<IpsecState, I
saDetail.entry.protocol = IPSEC_API_PROTO_ESP;
saDetail.lastSeqInbound = LAST_SEQ_INB;
saDetail.replayWindow = REPLY_WINDOW;
- saDetail.entry.flags = IpsecSadFlags.forValue(IpsecSadFlags.IPSEC_API_SAD_FLAG_IS_TUNNEL.value +
- IpsecSadFlags.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY.value);
+ saDetail.entry.flags = new IpsecSadFlags();
+ saDetail.entry.flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_IS_TUNNEL);
+ saDetail.entry.flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY);
saDetail.entry.tunnelSrc = ipv4AddressNoZoneToAddress(TUNNEL_SRC_ADDR);
saDetail.entry.tunnelDst = ipv4AddressNoZoneToAddress(TUNNEL_DST_ADDR);
saDetails.add(saDetail);
diff --git a/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizerTest.java b/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizerTest.java
index 81588fea7..9f1ef23aa 100644
--- a/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizerTest.java
+++ b/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizerTest.java
@@ -16,7 +16,6 @@
package io.fd.hc2vpp.ipsec.write;
-import static io.fd.vpp.jvpp.core.types.IpsecSadFlags.IPSEC_API_SAD_FLAG_NONE;
import static org.junit.Assert.assertEquals;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.verify;
@@ -38,7 +37,6 @@ import io.fd.vpp.jvpp.core.types.IpsecIntegAlg;
import io.fd.vpp.jvpp.core.types.IpsecProto;
import io.fd.vpp.jvpp.core.types.IpsecSadEntry;
import io.fd.vpp.jvpp.core.types.IpsecSadFlags;
-import io.fd.vpp.jvpp.core.types.IpsecSpdEntry;
import io.fd.vpp.jvpp.core.types.Key;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -94,6 +92,27 @@ public class IpsecSadEntryCustomizerTest extends WriterCustomizerTest implements
}
@Test
+ public void testFlags() {
+ IpsecSadFlags flags = new IpsecSadFlags();
+ flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_IS_TUNNEL);
+ flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY);
+ flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_USE_EXTENDED_SEQ_NUM);
+
+ IpsecSadFlags flags2 = new IpsecSadFlags();
+ flags2.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY);
+ flags2.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_USE_EXTENDED_SEQ_NUM);
+ flags2.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_IS_TUNNEL);
+ ;
+ IpsecSadFlags flags3 = new IpsecSadFlags();
+ flags3.setOptionsValue(7);
+
+ assertEquals(4, IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_IS_TUNNEL.value);
+ assertEquals(flags, flags2);
+ assertEquals(7, flags.getOptionsValue());
+ assertEquals(flags, flags3);
+ }
+
+ @Test
public void testWrite(@InjectTestData(resourcePath = "/sadEntries/addDelSadEntry.json", id = SAD_PATH) Sad sad)
throws WriteFailedException {
final SadEntries data = sad.getSadEntries().get(0);
@@ -108,7 +127,8 @@ public class IpsecSadEntryCustomizerTest extends WriterCustomizerTest implements
request.entry.cryptoKey = new Key();
request.entry.cryptoKey.data = CRYPTO_KEY.getBytes();
request.entry.cryptoKey.length = (byte) CRYPTO_KEY.getBytes().length;
- request.entry.flags = IpsecSadFlags.IPSEC_API_SAD_FLAG_IS_TUNNEL;
+ request.entry.flags = new IpsecSadFlags();
+ request.entry.flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_IS_TUNNEL);
request.entry.tunnelSrc = ipv4AddressToAddress(TNL_SRC_ADDR);
request.entry.tunnelDst = ipv4AddressToAddress(TNL_DST_ADDR);
@@ -177,7 +197,8 @@ public class IpsecSadEntryCustomizerTest extends WriterCustomizerTest implements
request.entry.cryptoKey = new Key();
request.entry.cryptoKey.data = null;
request.entry.cryptoKey.length = 0;
- request.entry.flags = IpsecSadFlags.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY;
+ request.entry.flags = new IpsecSadFlags();
+ request.entry.flags.add(IpsecSadFlags.IpsecSadFlagsOptions.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY);
request.entry.tunnelSrc = ipv6AddressToAddress(Ipv6Address.getDefaultInstance("2001::11"));
request.entry.tunnelDst = ipv6AddressToAddress(Ipv6Address.getDefaultInstance("2001::12"));
verify(api).ipsecSadEntryAddDel(request);
@@ -194,7 +215,7 @@ public class IpsecSadEntryCustomizerTest extends WriterCustomizerTest implements
request.entry = new IpsecSadEntry();
request.entry.spi = SPI_1002;
request.entry.sadId = SAD_ID;
- request.entry.flags = IPSEC_API_SAD_FLAG_NONE;
+ request.entry.flags = new IpsecSadFlags();
verify(api).ipsecSadEntryAddDel(request);
}