diff options
| author |   Neale Ranns <nranns@cisco.com> | 2020-12-21 13:19:10 +0000 |
|---|---|---|
| committer |   Ole Tr�an <otroan@employees.org> | 2021-01-18 08:35:52 +0000 |
| commit | 4a58e49cfe03150034a65e147a2ffe8d24391b86 (patch) | |
| tree | a929278e8a40067c1d103cf75174aa83f334c26e /src/vnet/ipsec/ipsec_tun.c | |
| parent | 20399f8f3a27d54f65c4aff92998a2a345a7adab (diff) | |
ipsec: Support MPLS over IPSec[46] interface
Type: feature
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I89dc3815eabfee135cd5b3c910dea5e2e2ef1333
Diffstat (limited to 'src/vnet/ipsec/ipsec_tun.c')
| -rw-r--r-- | src/vnet/ipsec/ipsec_tun.c | 47 |
1 files changed, 31 insertions, 16 deletions
diff --git a/src/vnet/ipsec/ipsec_tun.c b/src/vnet/ipsec/ipsec_tun.c index c3f50a6ffe9..ea60ab44a8c 100644 --- a/src/vnet/ipsec/ipsec_tun.c +++ b/src/vnet/ipsec/ipsec_tun.c @@ -141,33 +141,48 @@ ipsec_tun_protect_get_adj_next (vnet_link_t linkt, { ipsec_main_t *im; ipsec_sa_t *sa; - bool is_ip4; u32 next; - - if (itp->itp_flags & IPSEC_PROTECT_ITF) - is_ip4 = linkt == VNET_LINK_IP4; - else - is_ip4 = ip46_address_is_ip4 (&itp->itp_tun.src); + if (!(itp->itp_flags & IPSEC_PROTECT_ITF)) + { + if (ip46_address_is_ip4 (&itp->itp_tun.src)) + linkt = VNET_LINK_IP4; + else + linkt = VNET_LINK_IP6; + } sa = ipsec_sa_get (itp->itp_out_sa); im = &ipsec_main; + next = 0; if ((sa->crypto_alg == IPSEC_CRYPTO_ALG_NONE && sa->integ_alg == IPSEC_INTEG_ALG_NONE) && !(itp->itp_flags & IPSEC_PROTECT_ITF)) - next = (is_ip4 ? - im->esp4_no_crypto_tun_node_index : - im->esp6_no_crypto_tun_node_index); + next = (VNET_LINK_IP4 == linkt ? im->esp4_no_crypto_tun_node_index : + im->esp6_no_crypto_tun_node_index); else if (itp->itp_flags & IPSEC_PROTECT_L2) - next = (is_ip4 ? - im->esp4_encrypt_l2_tun_node_index : - im->esp6_encrypt_l2_tun_node_index); + next = (VNET_LINK_IP4 == linkt ? im->esp4_encrypt_l2_tun_node_index : + im->esp6_encrypt_l2_tun_node_index); else - next = (is_ip4 ? - im->esp4_encrypt_tun_node_index : - im->esp6_encrypt_tun_node_index); - + { + switch (linkt) + { + case VNET_LINK_IP4: + next = im->esp4_encrypt_tun_node_index; + break; + case VNET_LINK_IP6: + next = im->esp6_encrypt_tun_node_index; + break; + case VNET_LINK_MPLS: + next = im->esp_mpls_encrypt_tun_node_index; + break; + case VNET_LINK_ARP: + case VNET_LINK_NSH: + case VNET_LINK_ETHERNET: + ASSERT (0); + break; + } + } return (next); } |