diff options
| author |   Matthew Smith <mgsmith@netgate.com> | 2021-02-08 22:13:59 +0000 |
|---|---|---|
| committer | Matthew Smith <mgsmith@netgate.com> | 2021-02-09 04:18:37 +0000 |
| commit | 751bb131ef504b64fe82f393df21dba95ca92e97 (patch) | |
| tree | 46e567343cb71124297aacb1a0b405b95f392bab /src/vnet/ipsec/ipsec_sa.h | |
| parent | a8f4ebd08e6d7fddf6fca4f2ef7081321c51a451 (diff) | |
Revert "ipsec: Use the new tunnel API types to add flow label and TTL copy"
This reverts commit c7eaa711f3e25580687df0618e9ca80d3dc85e5f.
Reason for revert: The jenkins job named 'vpp-merge-master-ubuntu1804-x86_64' had 2 IPv6 AH tests fail after the change was merged. Those 2 tests also failed the next time that job ran after an unrelated change was merged.
Change-Id: I0e2c3ee895114029066c82624e79807af575b6c0
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Diffstat (limited to 'src/vnet/ipsec/ipsec_sa.h')
| -rw-r--r-- | src/vnet/ipsec/ipsec_sa.h | 31 |
1 files changed, 23 insertions, 8 deletions
diff --git a/src/vnet/ipsec/ipsec_sa.h b/src/vnet/ipsec/ipsec_sa.h index 84abd6ef4b4..7a52e831c77 100644 --- a/src/vnet/ipsec/ipsec_sa.h +++ b/src/vnet/ipsec/ipsec_sa.h @@ -174,7 +174,8 @@ typedef struct ipsec_protocol_t protocol; tunnel_encap_decap_flags_t tunnel_flags; - u8 __pad[2]; + ip_dscp_t dscp; + u8 __pad2[1]; /* data accessed by dataplane code should be above this comment */ CLIB_CACHE_LINE_ALIGN_MARK (cacheline2); @@ -202,7 +203,8 @@ typedef struct u64 data; } async_op_data; - tunnel_t tunnel; + ip46_address_t tunnel_src_addr; + ip46_address_t tunnel_dst_addr; fib_node_t node; @@ -212,6 +214,10 @@ typedef struct vnet_crypto_alg_t integ_calg; vnet_crypto_alg_t crypto_calg; + fib_node_index_t fib_entry_index; + u32 sibling; + u32 tx_fib_index; + /* else u8 packed */ ipsec_crypto_alg_t crypto_alg; ipsec_integ_alg_t integ_alg; @@ -252,12 +258,21 @@ extern vlib_combined_counter_main_t ipsec_sa_counters; extern void ipsec_mk_key (ipsec_key_t * key, const u8 * data, u8 len); -extern int -ipsec_sa_add_and_lock (u32 id, u32 spi, ipsec_protocol_t proto, - ipsec_crypto_alg_t crypto_alg, const ipsec_key_t *ck, - ipsec_integ_alg_t integ_alg, const ipsec_key_t *ik, - ipsec_sa_flags_t flags, u32 salt, u16 src_port, - u16 dst_port, const tunnel_t *tun, u32 *sa_out_index); +extern int ipsec_sa_add_and_lock (u32 id, + u32 spi, + ipsec_protocol_t proto, + ipsec_crypto_alg_t crypto_alg, + const ipsec_key_t * ck, + ipsec_integ_alg_t integ_alg, + const ipsec_key_t * ik, + ipsec_sa_flags_t flags, + u32 tx_table_id, + u32 salt, + const ip46_address_t * tunnel_src_addr, + const ip46_address_t * tunnel_dst_addr, + tunnel_encap_decap_flags_t tunnel_flags, + ip_dscp_t dscp, + u32 * sa_index, u16 src_port, u16 dst_port); extern index_t ipsec_sa_find_and_lock (u32 id); extern int ipsec_sa_unlock_id (u32 id); extern void ipsec_sa_unlock (index_t sai); |