IPSEC tests fnd fix or Extended Sequence Numbers

Change-Id: Iad6c4b867961ec8036110a4e15a829ddb93193ed
Signed-off-by: Neale Ranns <nranns@cisco.com>

1 files changed, 29 insertions, 5 deletions

diff --git a/test/test_ipsec_ah.py b/test/test_ipsec_ah.py
index 21080cad3d6..af65850253c 100644
--- a/test/test_ipsec_ah.py
+++ b/test/test_ipsec_ah.py
@@ -5,7 +5,7 @@ from scapy.layers.ipsec import AH
 
 from framework import VppTestRunner
 from template_ipsec import TemplateIpsec, IpsecTra46Tests, IpsecTun46Tests, \
-    config_tun_params, config_tra_params
+    config_tun_params, config_tra_params, IPsecIPv4Params, IPsecIPv6Params
 from template_ipsec import IpsecTcpTests
 from vpp_ipsec import VppIpsecSA, VppIpsecSpd, VppIpsecSpdEntry,\
         VppIpsecSpdItfBinding
@@ -85,6 +85,7 @@ class TemplateIpsecAh(TemplateIpsec):
         remote_tun_if_host = params.remote_tun_if_host
         addr_any = params.addr_any
         addr_bcast = params.addr_bcast
+        flags = params.flags
         e = VppEnum.vl_api_ipsec_spd_action_t
 
         params.tun_sa_in = VppIpsecSA(self, scapy_tun_sa_id, scapy_tun_spi,
@@ -92,14 +93,16 @@ class TemplateIpsecAh(TemplateIpsec):
                                       crypt_algo_vpp_id, crypt_key,
                                       self.vpp_ah_protocol,
                                       self.tun_if.local_addr[addr_type],
-                                      self.tun_if.remote_addr[addr_type])
+                                      self.tun_if.remote_addr[addr_type],
+                                      flags=flags)
         params.tun_sa_in.add_vpp_config()
         params.tun_sa_out = VppIpsecSA(self, vpp_tun_sa_id, vpp_tun_spi,
                                        auth_algo_vpp_id, auth_key,
                                        crypt_algo_vpp_id, crypt_key,
                                        self.vpp_ah_protocol,
                                        self.tun_if.remote_addr[addr_type],
-                                       self.tun_if.local_addr[addr_type])
+                                       self.tun_if.local_addr[addr_type],
+                                       flags=flags)
         params.tun_sa_out.add_vpp_config()
 
         params.spd_policy_in_any = VppIpsecSpdEntry(self, self.tun_spd,
@@ -160,8 +163,8 @@ class TemplateIpsecAh(TemplateIpsec):
         crypt_key = params.crypt_key
         addr_any = params.addr_any
         addr_bcast = params.addr_bcast
-        flags = (VppEnum.vl_api_ipsec_sad_flags_t.
-                 IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY)
+        flags = params.flags | (VppEnum.vl_api_ipsec_sad_flags_t.
+                                IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY)
         e = VppEnum.vl_api_ipsec_spd_action_t
 
         params.tra_sa_in = VppIpsecSA(self, scapy_tra_sa_id, scapy_tra_spi,
@@ -221,5 +224,26 @@ class TestIpsecAh2(TemplateIpsecAh, IpsecTcpTests):
     pass
 
 
+class TestIpsecAh3(TemplateIpsecAh, IpsecTra46Tests, IpsecTun46Tests):
+    """ Ipsec AH w/ ESN - TCP tests """
+
+    tra4_encrypt_node_name = "ah4-encrypt"
+    tra4_decrypt_node_name = "ah4-decrypt"
+    tra6_encrypt_node_name = "ah6-encrypt"
+    tra6_decrypt_node_name = "ah6-decrypt"
+    tun4_encrypt_node_name = "ah4-encrypt"
+    tun4_decrypt_node_name = "ah4-decrypt"
+    tun6_encrypt_node_name = "ah6-encrypt"
+    tun6_decrypt_node_name = "ah6-decrypt"
+
+    def setup_params(self):
+        self.ipv4_params = IPsecIPv4Params()
+        self.ipv6_params = IPsecIPv6Params()
+        self.params = {self.ipv4_params.addr_type: self.ipv4_params,
+                       self.ipv6_params.addr_type: self.ipv6_params}
+        for _, p in self.params.items():
+            p.flags = (VppEnum.vl_api_ipsec_sad_flags_t.
+                       IPSEC_API_SAD_FLAG_USE_EXTENDED_SEQ_NUM)
+
 if __name__ == '__main__':
     unittest.main(testRunner=VppTestRunner)