summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNeale Ranns <nranns@cisco.com>2019-03-26 08:21:25 +0000
committerDamjan Marion <dmarion@me.com>2019-03-26 16:33:13 +0000
commitaf3f0783b0ef189d54bb8fdf0a112347a420e9bb (patch)
tree80344f04af8d937b02cb94b4dfa24e5dbd25bd5e
parent7ced7726d73c8588bdee8866e072c40d504db6c5 (diff)
IPSEC: more expressive API errors
Change-Id: I517a7bdae03abfea58451819e7854974397d77f8 Signed-off-by: Neale Ranns <nranns@cisco.com>
-rw-r--r--src/vnet/api_errno.h4
-rw-r--r--src/vnet/ipsec/ipsec_api.c10
-rw-r--r--src/vnet/ipsec/ipsec_if.c4
3 files changed, 10 insertions, 8 deletions
diff --git a/src/vnet/api_errno.h b/src/vnet/api_errno.h
index 1ec5ad4a683..b474e194636 100644
--- a/src/vnet/api_errno.h
+++ b/src/vnet/api_errno.h
@@ -145,7 +145,9 @@ _(INVALID_SESSION_ID, -148, "session ID out of range") \
_(ACL_IN_USE_BY_LOOKUP_CONTEXT, -149, "ACL in use by a lookup context") \
_(INVALID_VALUE_3, -150, "Invalid value #3") \
_(NON_ETHERNET, -151, "Interface is not an Ethernet interface") \
-_(BD_ALREADY_HAS_BVI, -152, "Bridge domain already has a BVI interface")
+_(BD_ALREADY_HAS_BVI, -152, "Bridge domain already has a BVI interface") \
+_(INVALID_PROTOCOL, -153, "Invalid Protocol") \
+_(INVALID_ALGORITHM, -154, "Invalid Algorithm")
typedef enum
{
diff --git a/src/vnet/ipsec/ipsec_api.c b/src/vnet/ipsec/ipsec_api.c
index 4bb3a75b936..f43cae99cc9 100644
--- a/src/vnet/ipsec/ipsec_api.c
+++ b/src/vnet/ipsec/ipsec_api.c
@@ -207,7 +207,7 @@ ipsec_proto_decode (vl_api_ipsec_proto_t in, ipsec_protocol_t * out)
*out = IPSEC_PROTOCOL_AH;
return (0);
}
- return (VNET_API_ERROR_UNIMPLEMENTED);
+ return (VNET_API_ERROR_INVALID_PROTOCOL);
}
static vl_api_ipsec_proto_t
@@ -237,7 +237,7 @@ ipsec_crypto_algo_decode (vl_api_ipsec_crypto_alg_t in,
foreach_ipsec_crypto_alg
#undef _
}
- return (VNET_API_ERROR_UNIMPLEMENTED);
+ return (VNET_API_ERROR_INVALID_ALGORITHM);
}
static vl_api_ipsec_crypto_alg_t
@@ -270,7 +270,7 @@ ipsec_integ_algo_decode (vl_api_ipsec_integ_alg_t in, ipsec_integ_alg_t * out)
foreach_ipsec_integ_alg
#undef _
}
- return (VNET_API_ERROR_UNIMPLEMENTED);
+ return (VNET_API_ERROR_INVALID_ALGORITHM);
}
static vl_api_ipsec_integ_alg_t
@@ -780,7 +780,7 @@ vl_api_ipsec_tunnel_if_set_key_t_handler (vl_api_ipsec_tunnel_if_set_key_t *
if (mp->alg < IPSEC_CRYPTO_ALG_AES_CBC_128 ||
mp->alg >= IPSEC_CRYPTO_N_ALG)
{
- rv = VNET_API_ERROR_UNIMPLEMENTED;
+ rv = VNET_API_ERROR_INVALID_ALGORITHM;
goto out;
}
break;
@@ -788,7 +788,7 @@ vl_api_ipsec_tunnel_if_set_key_t_handler (vl_api_ipsec_tunnel_if_set_key_t *
case IPSEC_IF_SET_KEY_TYPE_REMOTE_INTEG:
if (mp->alg >= IPSEC_INTEG_N_ALG)
{
- rv = VNET_API_ERROR_UNIMPLEMENTED;
+ rv = VNET_API_ERROR_INVALID_ALGORITHM;
goto out;
}
break;
diff --git a/src/vnet/ipsec/ipsec_if.c b/src/vnet/ipsec/ipsec_if.c
index 41089b6c2ab..bf3460423fb 100644
--- a/src/vnet/ipsec/ipsec_if.c
+++ b/src/vnet/ipsec/ipsec_if.c
@@ -343,7 +343,7 @@ ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm,
&args->local_ip, &t->input_sa_index);
if (rv)
- return VNET_API_ERROR_UNIMPLEMENTED;
+ return VNET_API_ERROR_INVALID_SRC_ADDRESS;
ipsec_mk_key (&crypto_key,
args->local_crypto_key, args->local_crypto_key_len);
@@ -363,7 +363,7 @@ ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm,
&args->remote_ip, &t->output_sa_index);
if (rv)
- return VNET_API_ERROR_UNIMPLEMENTED;
+ return VNET_API_ERROR_INVALID_DST_ADDRESS;
/* copy the key */
if (is_ip6)