summaryrefslogtreecommitdiffstats
path: root/test/test_ipsec_esp.py
diff options
context:
space:
mode:
authorNeale Ranns <nranns@cisco.com>2019-01-09 21:22:20 -0800
committerDamjan Marion <dmarion@me.com>2019-01-31 20:44:22 +0000
commit17dcec0b940374127f6e1e004fb3ec261a0a3709 (patch)
treef14763efd0dc07c44e9d4d1f71f2a43052dc460a /test/test_ipsec_esp.py
parent6d0106e44e7dff2c9ef0f7052c4023245e9023a8 (diff)
IPSEC: API modernisation
- use enums to enumerate the algoritms and protocols that are supported - use address_t types to simplify encode/deocde - use typedefs of entry objects to get consistency between add/del API and dump Change-Id: I7e7c58c06a150e2439633ba9dca58bc1049677ee Signed-off-by: Neale Ranns <nranns@cisco.com>
Diffstat (limited to 'test/test_ipsec_esp.py')
-rw-r--r--test/test_ipsec_esp.py27
1 files changed, 19 insertions, 8 deletions
diff --git a/test/test_ipsec_esp.py b/test/test_ipsec_esp.py
index 96e4833621a..ae62aecc2ed 100644
--- a/test/test_ipsec_esp.py
+++ b/test/test_ipsec_esp.py
@@ -9,6 +9,7 @@ from vpp_ipsec import VppIpsecSpd, VppIpsecSpdEntry, VppIpsecSA,\
VppIpsecSpdItfBinding
from vpp_ip_route import VppIpRoute, VppRoutePath
from vpp_ip import DpoProto
+from vpp_papi import VppEnum
class TemplateIpsecEsp(TemplateIpsec):
@@ -94,6 +95,7 @@ class TemplateIpsecEsp(TemplateIpsec):
remote_tun_if_host = params.remote_tun_if_host
addr_any = params.addr_any
addr_bcast = params.addr_bcast
+ e = VppEnum.vl_api_ipsec_spd_action_t
VppIpsecSA(self, scapy_tun_sa_id, scapy_tun_spi,
auth_algo_vpp_id, auth_key,
@@ -123,28 +125,32 @@ class TemplateIpsecEsp(TemplateIpsec):
self.pg1.remote_addr[addr_type],
self.pg1.remote_addr[addr_type],
0,
- priority=10, policy=3,
+ priority=10,
+ policy=e.IPSEC_API_SPD_ACTION_PROTECT,
is_outbound=0).add_vpp_config()
VppIpsecSpdEntry(self, self.tun_spd, scapy_tun_sa_id,
self.pg1.remote_addr[addr_type],
self.pg1.remote_addr[addr_type],
remote_tun_if_host, remote_tun_if_host,
0,
- priority=10, policy=3).add_vpp_config()
+ policy=e.IPSEC_API_SPD_ACTION_PROTECT,
+ priority=10).add_vpp_config()
VppIpsecSpdEntry(self, self.tun_spd, vpp_tun_sa_id,
remote_tun_if_host, remote_tun_if_host,
self.pg0.local_addr[addr_type],
self.pg0.local_addr[addr_type],
0,
- priority=20, policy=3,
+ priority=20,
+ policy=e.IPSEC_API_SPD_ACTION_PROTECT,
is_outbound=0).add_vpp_config()
VppIpsecSpdEntry(self, self.tun_spd, scapy_tun_sa_id,
self.pg0.local_addr[addr_type],
self.pg0.local_addr[addr_type],
remote_tun_if_host, remote_tun_if_host,
0,
- priority=20, policy=3).add_vpp_config()
+ policy=e.IPSEC_API_SPD_ACTION_PROTECT,
+ priority=20).add_vpp_config()
def config_esp_tra(self, params):
addr_type = params.addr_type
@@ -158,17 +164,20 @@ class TemplateIpsecEsp(TemplateIpsec):
crypt_key = params.crypt_key
addr_any = params.addr_any
addr_bcast = params.addr_bcast
+ flags = (VppEnum.vl_api_ipsec_sad_flags_t.
+ IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY)
+ e = VppEnum.vl_api_ipsec_spd_action_t
VppIpsecSA(self, scapy_tra_sa_id, scapy_tra_spi,
auth_algo_vpp_id, auth_key,
crypt_algo_vpp_id, crypt_key,
self.vpp_esp_protocol,
- use_anti_replay=1).add_vpp_config()
+ flags=flags).add_vpp_config()
VppIpsecSA(self, vpp_tra_sa_id, vpp_tra_spi,
auth_algo_vpp_id, auth_key,
crypt_algo_vpp_id, crypt_key,
self.vpp_esp_protocol,
- use_anti_replay=1).add_vpp_config()
+ flags=flags).add_vpp_config()
VppIpsecSpdEntry(self, self.tra_spd, vpp_tra_sa_id,
addr_any, addr_bcast,
@@ -185,14 +194,16 @@ class TemplateIpsecEsp(TemplateIpsec):
self.tra_if.local_addr[addr_type],
self.tra_if.remote_addr[addr_type],
self.tra_if.remote_addr[addr_type],
- 0, priority=10, policy=3,
+ 0, priority=10,
+ policy=e.IPSEC_API_SPD_ACTION_PROTECT,
is_outbound=0).add_vpp_config()
VppIpsecSpdEntry(self, self.tra_spd, scapy_tra_sa_id,
self.tra_if.local_addr[addr_type],
self.tra_if.local_addr[addr_type],
self.tra_if.remote_addr[addr_type],
self.tra_if.remote_addr[addr_type],
- 0, priority=10, policy=3).add_vpp_config()
+ 0, policy=e.IPSEC_API_SPD_ACTION_PROTECT,
+ priority=10).add_vpp_config()
class TestIpsecEsp1(TemplateIpsecEsp, IpsecTraTests, IpsecTunTests):