diff options
author | Neale Ranns <neale@graphiant.com> | 2021-02-25 08:53:15 +0000 |
---|---|---|
committer | Beno�t Ganne <bganne@cisco.com> | 2021-02-25 10:07:08 +0000 |
commit | 28a0b0197e9894ce835ded5c641fd2a032cf673e (patch) | |
tree | ebb63305487b59d6be0f2e9630d680b4d7dab05d /src | |
parent | 8b4d0dd5ba8ea42063b0700f39c2165486b8c9a0 (diff) |
ikev2: Use the IPSec functions for UDP port management
Type: refactor
IKEv2 registers the IPSec node as the port handler, so it can use the
IPSec functions to do that.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: If398dde0a8eb0407eba3ede62a3d5a8c12fe68a7
Diffstat (limited to 'src')
-rw-r--r-- | src/plugins/ikev2/ikev2.c | 45 | ||||
-rw-r--r-- | src/plugins/ikev2/ikev2_priv.h | 3 |
2 files changed, 2 insertions, 46 deletions
diff --git a/src/plugins/ikev2/ikev2.c b/src/plugins/ikev2/ikev2.c index d5dd013e0a5..aaebf625ab2 100644 --- a/src/plugins/ikev2/ikev2.c +++ b/src/plugins/ikev2/ikev2.c @@ -3723,27 +3723,7 @@ ikev2_set_local_key (vlib_main_t * vm, u8 * file) static_always_inline vnet_api_error_t ikev2_register_udp_port (ikev2_profile_t * p, u16 port) { - ikev2_main_t *km = &ikev2_main; - udp_dst_port_info_t *pi; - - uword *v = hash_get (km->udp_ports, port); - pi = udp_get_dst_port_info (&udp_main, port, UDP_IP4); - - if (v) - { - /* IKE already uses this port, only increment reference counter */ - ASSERT (pi); - v[0]++; - } - else - { - if (pi) - return VNET_API_ERROR_UDP_PORT_TAKEN; - - udp_register_dst_port (km->vlib_main, port, - ipsec4_tun_input_node.index, 1); - hash_set (km->udp_ports, port, 1); - } + ipsec_register_udp_port (port); p->ipsec_over_udp_port = port; return 0; } @@ -3751,24 +3731,10 @@ ikev2_register_udp_port (ikev2_profile_t * p, u16 port) static_always_inline void ikev2_unregister_udp_port (ikev2_profile_t * p) { - ikev2_main_t *km = &ikev2_main; - uword *v; - if (p->ipsec_over_udp_port == IPSEC_UDP_PORT_NONE) return; - v = hash_get (km->udp_ports, p->ipsec_over_udp_port); - if (!v) - return; - - v[0]--; - - if (v[0] == 0) - { - udp_unregister_dst_port (km->vlib_main, p->ipsec_over_udp_port, 1); - hash_unset (km->udp_ports, p->ipsec_over_udp_port); - } - + ipsec_unregister_udp_port (p->ipsec_over_udp_port); p->ipsec_over_udp_port = IPSEC_UDP_PORT_NONE; } @@ -4171,9 +4137,7 @@ ikev2_set_profile_ipsec_udp_port (vlib_main_t * vm, u8 * name, u16 port, u8 is_set) { ikev2_profile_t *p = ikev2_profile_index_by_name (name); - ikev2_main_t *km = &ikev2_main; vnet_api_error_t rv = 0; - uword *v; if (!p) return VNET_API_ERROR_INVALID_VALUE; @@ -4187,10 +4151,6 @@ ikev2_set_profile_ipsec_udp_port (vlib_main_t * vm, u8 * name, u16 port, } else { - v = hash_get (km->udp_ports, port); - if (!v) - return VNET_API_ERROR_IKE_NO_PORT; - if (p->ipsec_over_udp_port == IPSEC_UDP_PORT_NONE) return VNET_API_ERROR_INVALID_VALUE; @@ -4761,7 +4721,6 @@ ikev2_init (vlib_main_t * vm) km->sa_by_ispi = hash_create (0, sizeof (uword)); km->sw_if_indices = hash_create (0, 0); - km->udp_ports = hash_create (0, sizeof (uword)); udp_register_dst_port (vm, IKEV2_PORT, ikev2_node_ip4.index, 1); udp_register_dst_port (vm, IKEV2_PORT, ikev2_node_ip6.index, 0); diff --git a/src/plugins/ikev2/ikev2_priv.h b/src/plugins/ikev2/ikev2_priv.h index 95c4df4b987..ea630b86de4 100644 --- a/src/plugins/ikev2/ikev2_priv.h +++ b/src/plugins/ikev2/ikev2_priv.h @@ -518,9 +518,6 @@ typedef struct /* logging level */ ikev2_log_level_t log_level; - /* custom ipsec-over-udp ports managed by ike */ - uword *udp_ports; - /* how often a liveness check will be performed */ u32 liveness_period; |