ipsec: User can choose the UDP source port

Type: feature thus allowing NAT traversal, Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ie8650ceeb5074f98c68d2d90f6adc2f18afeba08 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
author: Neale Ranns <nranns@cisco.com> 2020-04-01 09:45:23 +0000
committer: Paul Vinciguerra <pvinci@vinciconsulting.com> 2020-05-05 18:36:33 +0000
commit: abc5660c61698fa29252dc202358002a97f2608c (patch)
tree: 969edc7dc2145e40e3fb96c470df917f2053abfe /test/test_ipsec_api.py
parent: 6fdd7a5f77301a3398c4445bfef202b123ce90d8 (diff)
1 files changed, 38 insertions, 13 deletions
diff --git a/test/test_ipsec_api.py b/test/test_ipsec_api.py
index 00885ae05b6..b5b4adac66b 100644
--- a/test/test_ipsec_api.py
+++ b/test/test_ipsec_api.py
@@ -70,23 +70,48 @@ class IpsecApiTestCase(VppTestCase):
         crypt_algo_vpp_id = params.crypt_algo_vpp_id
         crypt_key = params.crypt_key
 
-        self.vapi.ipsec_sad_entry_add_del(scapy_tun_sa_id, scapy_tun_spi,
-                                          auth_algo_vpp_id, auth_key,
-                                          crypt_algo_vpp_id, crypt_key,
-                                          self.vpp_ah_protocol,
-                                          self.pg0.local_addr[addr_type],
-                                          self.pg0.remote_addr[addr_type])
+        self.vapi.ipsec_sad_entry_add_del(
+            is_add=1,
+            entry={
+                'sad_id': scapy_tun_sa_id,
+                'spi': scapy_tun_spi,
+                'integrity_algorithm': auth_algo_vpp_id,
+                'integrity_key': {
+                    'data': auth_key,
+                    'length': len(auth_key),
+                },
+                'crypto_algorithm': crypt_algo_vpp_id,
+                'crypto_key': {
+                    'data': crypt_key,
+                    'length': len(crypt_key),
+                },
+                'protocol': self.vpp_ah_protocol,
+                'tunnel_src': self.pg0.local_addr[addr_type],
+                'tunnel_dst': self.pg0.remote_addr[addr_type]
+            })
         with self.vapi.assert_negative_api_retval():
             self.vapi.ipsec_select_backend(
                 protocol=self.vpp_ah_protocol, index=0)
 
-        self.vapi.ipsec_sad_entry_add_del(scapy_tun_sa_id, scapy_tun_spi,
-                                          auth_algo_vpp_id, auth_key,
-                                          crypt_algo_vpp_id, crypt_key,
-                                          self.vpp_ah_protocol,
-                                          self.pg0.local_addr[addr_type],
-                                          self.pg0.remote_addr[addr_type],
-                                          is_add=0)
+        self.vapi.ipsec_sad_entry_add_del(
+            is_add=0,
+            entry={
+                'sad_id': scapy_tun_sa_id,
+                'spi': scapy_tun_spi,
+                'integrity_algorithm': auth_algo_vpp_id,
+                'integrity_key': {
+                    'data': auth_key,
+                    'length': len(auth_key),
+                },
+                'crypto_algorithm': crypt_algo_vpp_id,
+                'crypto_key': {
+                    'data': crypt_key,
+                    'length': len(crypt_key),
+                },
+                'protocol': self.vpp_ah_protocol,
+                'tunnel_src': self.pg0.local_addr[addr_type],
+                'tunnel_dst': self.pg0.remote_addr[addr_type]
+            })
         self.vapi.ipsec_select_backend(
             protocol=self.vpp_ah_protocol, index=0)
author	Neale Ranns <nranns@cisco.com>	2020-04-01 09:45:23 +0000
committer	Paul Vinciguerra <pvinci@vinciconsulting.com>	2020-05-05 18:36:33 +0000
commit	abc5660c61698fa29252dc202358002a97f2608c (patch)
tree	969edc7dc2145e40e3fb96c470df917f2053abfe /test/test_ipsec_api.py
parent	6fdd7a5f77301a3398c4445bfef202b123ce90d8 (diff)