summaryrefslogtreecommitdiffstats
path: root/src/vnet/ipsec/ipsec_sa.h
diff options
context:
space:
mode:
authorNeale Ranns <neale@graphiant.com>2021-02-04 11:09:33 +0000
committerMatthew Smith <mgsmith@netgate.com>2021-02-08 19:37:28 +0000
commitc7eaa711f3e25580687df0618e9ca80d3dc85e5f (patch)
tree0871a2a166c46c3dc2a50bdc635de1a2a6cbc2b3 /src/vnet/ipsec/ipsec_sa.h
parent4c71d6c8f84d48754a8ead116f223088b85f587c (diff)
ipsec: Use the new tunnel API types to add flow label and TTL copy
support Type: feature Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I6d4a9b187daa725d4b2cbb66e11616802d44d2d3
Diffstat (limited to 'src/vnet/ipsec/ipsec_sa.h')
-rw-r--r--src/vnet/ipsec/ipsec_sa.h31
1 files changed, 8 insertions, 23 deletions
diff --git a/src/vnet/ipsec/ipsec_sa.h b/src/vnet/ipsec/ipsec_sa.h
index 7a52e831c77..84abd6ef4b4 100644
--- a/src/vnet/ipsec/ipsec_sa.h
+++ b/src/vnet/ipsec/ipsec_sa.h
@@ -174,8 +174,7 @@ typedef struct
ipsec_protocol_t protocol;
tunnel_encap_decap_flags_t tunnel_flags;
- ip_dscp_t dscp;
- u8 __pad2[1];
+ u8 __pad[2];
/* data accessed by dataplane code should be above this comment */
CLIB_CACHE_LINE_ALIGN_MARK (cacheline2);
@@ -203,8 +202,7 @@ typedef struct
u64 data;
} async_op_data;
- ip46_address_t tunnel_src_addr;
- ip46_address_t tunnel_dst_addr;
+ tunnel_t tunnel;
fib_node_t node;
@@ -214,10 +212,6 @@ typedef struct
vnet_crypto_alg_t integ_calg;
vnet_crypto_alg_t crypto_calg;
- fib_node_index_t fib_entry_index;
- u32 sibling;
- u32 tx_fib_index;
-
/* else u8 packed */
ipsec_crypto_alg_t crypto_alg;
ipsec_integ_alg_t integ_alg;
@@ -258,21 +252,12 @@ extern vlib_combined_counter_main_t ipsec_sa_counters;
extern void ipsec_mk_key (ipsec_key_t * key, const u8 * data, u8 len);
-extern int ipsec_sa_add_and_lock (u32 id,
- u32 spi,
- ipsec_protocol_t proto,
- ipsec_crypto_alg_t crypto_alg,
- const ipsec_key_t * ck,
- ipsec_integ_alg_t integ_alg,
- const ipsec_key_t * ik,
- ipsec_sa_flags_t flags,
- u32 tx_table_id,
- u32 salt,
- const ip46_address_t * tunnel_src_addr,
- const ip46_address_t * tunnel_dst_addr,
- tunnel_encap_decap_flags_t tunnel_flags,
- ip_dscp_t dscp,
- u32 * sa_index, u16 src_port, u16 dst_port);
+extern int
+ipsec_sa_add_and_lock (u32 id, u32 spi, ipsec_protocol_t proto,
+ ipsec_crypto_alg_t crypto_alg, const ipsec_key_t *ck,
+ ipsec_integ_alg_t integ_alg, const ipsec_key_t *ik,
+ ipsec_sa_flags_t flags, u32 salt, u16 src_port,
+ u16 dst_port, const tunnel_t *tun, u32 *sa_out_index);
extern index_t ipsec_sa_find_and_lock (u32 id);
extern int ipsec_sa_unlock_id (u32 id);
extern void ipsec_sa_unlock (index_t sai);