diff options
Diffstat (limited to 'src/vnet/ipsec/ipsec_api.c')
-rw-r--r-- | src/vnet/ipsec/ipsec_api.c | 148 |
1 files changed, 1 insertions, 147 deletions
diff --git a/src/vnet/ipsec/ipsec_api.c b/src/vnet/ipsec/ipsec_api.c index 6784f0b08f9..893eee45ac9 100644 --- a/src/vnet/ipsec/ipsec_api.c +++ b/src/vnet/ipsec/ipsec_api.c @@ -24,6 +24,7 @@ #include <vnet/api_errno.h> #include <vnet/ip/ip.h> #include <vnet/ip/ip_types_api.h> +#include <vnet/ipsec/ipsec_types_api.h> #include <vnet/fib/fib.h> #include <vnet/ipip/ipip.h> @@ -321,153 +322,6 @@ out: /* *INDENT-ON* */ } -static int -ipsec_proto_decode (vl_api_ipsec_proto_t in, ipsec_protocol_t * out) -{ - in = clib_net_to_host_u32 (in); - - switch (in) - { - case IPSEC_API_PROTO_ESP: - *out = IPSEC_PROTOCOL_ESP; - return (0); - case IPSEC_API_PROTO_AH: - *out = IPSEC_PROTOCOL_AH; - return (0); - } - return (VNET_API_ERROR_INVALID_PROTOCOL); -} - -static vl_api_ipsec_proto_t -ipsec_proto_encode (ipsec_protocol_t p) -{ - switch (p) - { - case IPSEC_PROTOCOL_ESP: - return clib_host_to_net_u32 (IPSEC_API_PROTO_ESP); - case IPSEC_PROTOCOL_AH: - return clib_host_to_net_u32 (IPSEC_API_PROTO_AH); - } - return (VNET_API_ERROR_UNIMPLEMENTED); -} - -static int -ipsec_crypto_algo_decode (vl_api_ipsec_crypto_alg_t in, - ipsec_crypto_alg_t * out) -{ - in = clib_net_to_host_u32 (in); - - switch (in) - { -#define _(v,f,s) case IPSEC_API_CRYPTO_ALG_##f: \ - *out = IPSEC_CRYPTO_ALG_##f; \ - return (0); - foreach_ipsec_crypto_alg -#undef _ - } - return (VNET_API_ERROR_INVALID_ALGORITHM); -} - -static vl_api_ipsec_crypto_alg_t -ipsec_crypto_algo_encode (ipsec_crypto_alg_t c) -{ - switch (c) - { -#define _(v,f,s) case IPSEC_CRYPTO_ALG_##f: \ - return clib_host_to_net_u32(IPSEC_API_CRYPTO_ALG_##f); - foreach_ipsec_crypto_alg -#undef _ - case IPSEC_CRYPTO_N_ALG: - break; - } - ASSERT (0); - return (VNET_API_ERROR_UNIMPLEMENTED); -} - -static int -ipsec_integ_algo_decode (vl_api_ipsec_integ_alg_t in, ipsec_integ_alg_t * out) -{ - in = clib_net_to_host_u32 (in); - - switch (in) - { -#define _(v,f,s) case IPSEC_API_INTEG_ALG_##f: \ - *out = IPSEC_INTEG_ALG_##f; \ - return (0); - foreach_ipsec_integ_alg -#undef _ - } - return (VNET_API_ERROR_INVALID_ALGORITHM); -} - -static vl_api_ipsec_integ_alg_t -ipsec_integ_algo_encode (ipsec_integ_alg_t i) -{ - switch (i) - { -#define _(v,f,s) case IPSEC_INTEG_ALG_##f: \ - return (clib_host_to_net_u32(IPSEC_API_INTEG_ALG_##f)); - foreach_ipsec_integ_alg -#undef _ - case IPSEC_INTEG_N_ALG: - break; - } - ASSERT (0); - return (VNET_API_ERROR_UNIMPLEMENTED); -} - -static void -ipsec_key_decode (const vl_api_key_t * key, ipsec_key_t * out) -{ - ipsec_mk_key (out, key->data, key->length); -} - -static void -ipsec_key_encode (const ipsec_key_t * in, vl_api_key_t * out) -{ - out->length = in->len; - clib_memcpy (out->data, in->data, out->length); -} - -static ipsec_sa_flags_t -ipsec_sa_flags_decode (vl_api_ipsec_sad_flags_t in) -{ - ipsec_sa_flags_t flags = IPSEC_SA_FLAG_NONE; - in = clib_net_to_host_u32 (in); - - if (in & IPSEC_API_SAD_FLAG_USE_ESN) - flags |= IPSEC_SA_FLAG_USE_ESN; - if (in & IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY) - flags |= IPSEC_SA_FLAG_USE_ANTI_REPLAY; - if (in & IPSEC_API_SAD_FLAG_IS_TUNNEL) - flags |= IPSEC_SA_FLAG_IS_TUNNEL; - if (in & IPSEC_API_SAD_FLAG_IS_TUNNEL_V6) - flags |= IPSEC_SA_FLAG_IS_TUNNEL_V6; - if (in & IPSEC_API_SAD_FLAG_UDP_ENCAP) - flags |= IPSEC_SA_FLAG_UDP_ENCAP; - - return (flags); -} - -static vl_api_ipsec_sad_flags_t -ipsec_sad_flags_encode (const ipsec_sa_t * sa) -{ - vl_api_ipsec_sad_flags_t flags = IPSEC_API_SAD_FLAG_NONE; - - if (ipsec_sa_is_set_USE_ESN (sa)) - flags |= IPSEC_API_SAD_FLAG_USE_ESN; - if (ipsec_sa_is_set_USE_ANTI_REPLAY (sa)) - flags |= IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY; - if (ipsec_sa_is_set_IS_TUNNEL (sa)) - flags |= IPSEC_API_SAD_FLAG_IS_TUNNEL; - if (ipsec_sa_is_set_IS_TUNNEL_V6 (sa)) - flags |= IPSEC_API_SAD_FLAG_IS_TUNNEL_V6; - if (ipsec_sa_is_set_UDP_ENCAP (sa)) - flags |= IPSEC_API_SAD_FLAG_UDP_ENCAP; - - return clib_host_to_net_u32 (flags); -} - static void vl_api_ipsec_sad_entry_add_del_t_handler (vl_api_ipsec_sad_entry_add_del_t * mp) { |