diff options
author | Neale Ranns <nranns@cisco.com> | 2019-01-09 21:22:20 -0800 |
---|---|---|
committer | Damjan Marion <dmarion@me.com> | 2019-01-31 20:44:22 +0000 |
commit | 17dcec0b940374127f6e1e004fb3ec261a0a3709 (patch) | |
tree | f14763efd0dc07c44e9d4d1f71f2a43052dc460a /test/test_ipsec_esp.py | |
parent | 6d0106e44e7dff2c9ef0f7052c4023245e9023a8 (diff) |
IPSEC: API modernisation
- use enums to enumerate the algoritms and protocols that are supported
- use address_t types to simplify encode/deocde
- use typedefs of entry objects to get consistency between add/del API and dump
Change-Id: I7e7c58c06a150e2439633ba9dca58bc1049677ee
Signed-off-by: Neale Ranns <nranns@cisco.com>
Diffstat (limited to 'test/test_ipsec_esp.py')
-rw-r--r-- | test/test_ipsec_esp.py | 27 |
1 files changed, 19 insertions, 8 deletions
diff --git a/test/test_ipsec_esp.py b/test/test_ipsec_esp.py index 96e4833621a..ae62aecc2ed 100644 --- a/test/test_ipsec_esp.py +++ b/test/test_ipsec_esp.py @@ -9,6 +9,7 @@ from vpp_ipsec import VppIpsecSpd, VppIpsecSpdEntry, VppIpsecSA,\ VppIpsecSpdItfBinding from vpp_ip_route import VppIpRoute, VppRoutePath from vpp_ip import DpoProto +from vpp_papi import VppEnum class TemplateIpsecEsp(TemplateIpsec): @@ -94,6 +95,7 @@ class TemplateIpsecEsp(TemplateIpsec): remote_tun_if_host = params.remote_tun_if_host addr_any = params.addr_any addr_bcast = params.addr_bcast + e = VppEnum.vl_api_ipsec_spd_action_t VppIpsecSA(self, scapy_tun_sa_id, scapy_tun_spi, auth_algo_vpp_id, auth_key, @@ -123,28 +125,32 @@ class TemplateIpsecEsp(TemplateIpsec): self.pg1.remote_addr[addr_type], self.pg1.remote_addr[addr_type], 0, - priority=10, policy=3, + priority=10, + policy=e.IPSEC_API_SPD_ACTION_PROTECT, is_outbound=0).add_vpp_config() VppIpsecSpdEntry(self, self.tun_spd, scapy_tun_sa_id, self.pg1.remote_addr[addr_type], self.pg1.remote_addr[addr_type], remote_tun_if_host, remote_tun_if_host, 0, - priority=10, policy=3).add_vpp_config() + policy=e.IPSEC_API_SPD_ACTION_PROTECT, + priority=10).add_vpp_config() VppIpsecSpdEntry(self, self.tun_spd, vpp_tun_sa_id, remote_tun_if_host, remote_tun_if_host, self.pg0.local_addr[addr_type], self.pg0.local_addr[addr_type], 0, - priority=20, policy=3, + priority=20, + policy=e.IPSEC_API_SPD_ACTION_PROTECT, is_outbound=0).add_vpp_config() VppIpsecSpdEntry(self, self.tun_spd, scapy_tun_sa_id, self.pg0.local_addr[addr_type], self.pg0.local_addr[addr_type], remote_tun_if_host, remote_tun_if_host, 0, - priority=20, policy=3).add_vpp_config() + policy=e.IPSEC_API_SPD_ACTION_PROTECT, + priority=20).add_vpp_config() def config_esp_tra(self, params): addr_type = params.addr_type @@ -158,17 +164,20 @@ class TemplateIpsecEsp(TemplateIpsec): crypt_key = params.crypt_key addr_any = params.addr_any addr_bcast = params.addr_bcast + flags = (VppEnum.vl_api_ipsec_sad_flags_t. + IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY) + e = VppEnum.vl_api_ipsec_spd_action_t VppIpsecSA(self, scapy_tra_sa_id, scapy_tra_spi, auth_algo_vpp_id, auth_key, crypt_algo_vpp_id, crypt_key, self.vpp_esp_protocol, - use_anti_replay=1).add_vpp_config() + flags=flags).add_vpp_config() VppIpsecSA(self, vpp_tra_sa_id, vpp_tra_spi, auth_algo_vpp_id, auth_key, crypt_algo_vpp_id, crypt_key, self.vpp_esp_protocol, - use_anti_replay=1).add_vpp_config() + flags=flags).add_vpp_config() VppIpsecSpdEntry(self, self.tra_spd, vpp_tra_sa_id, addr_any, addr_bcast, @@ -185,14 +194,16 @@ class TemplateIpsecEsp(TemplateIpsec): self.tra_if.local_addr[addr_type], self.tra_if.remote_addr[addr_type], self.tra_if.remote_addr[addr_type], - 0, priority=10, policy=3, + 0, priority=10, + policy=e.IPSEC_API_SPD_ACTION_PROTECT, is_outbound=0).add_vpp_config() VppIpsecSpdEntry(self, self.tra_spd, scapy_tra_sa_id, self.tra_if.local_addr[addr_type], self.tra_if.local_addr[addr_type], self.tra_if.remote_addr[addr_type], self.tra_if.remote_addr[addr_type], - 0, priority=10, policy=3).add_vpp_config() + 0, policy=e.IPSEC_API_SPD_ACTION_PROTECT, + priority=10).add_vpp_config() class TestIpsecEsp1(TemplateIpsecEsp, IpsecTraTests, IpsecTunTests): |