diff options
Diffstat (limited to 'src/vnet/ipsec')
-rw-r--r-- | src/vnet/ipsec/ah.h | 4 | ||||
-rw-r--r-- | src/vnet/ipsec/ah_decrypt.c | 4 | ||||
-rw-r--r-- | src/vnet/ipsec/ah_encrypt.c | 4 | ||||
-rw-r--r-- | src/vnet/ipsec/esp.h | 6 | ||||
-rw-r--r-- | src/vnet/ipsec/esp_decrypt.c | 2 | ||||
-rw-r--r-- | src/vnet/ipsec/esp_encrypt.c | 15 | ||||
-rw-r--r-- | src/vnet/ipsec/ipsec_api.c | 14 | ||||
-rw-r--r-- | src/vnet/ipsec/ipsec_cli.c | 42 | ||||
-rw-r--r-- | src/vnet/ipsec/ipsec_format.c | 2 | ||||
-rw-r--r-- | src/vnet/ipsec/ipsec_handoff.c | 2 | ||||
-rw-r--r-- | src/vnet/ipsec/ipsec_input.c | 4 | ||||
-rw-r--r-- | src/vnet/ipsec/ipsec_itf.c | 10 | ||||
-rw-r--r-- | src/vnet/ipsec/ipsec_output.c | 2 | ||||
-rw-r--r-- | src/vnet/ipsec/ipsec_sa.c | 4 | ||||
-rw-r--r-- | src/vnet/ipsec/ipsec_spd.c | 2 | ||||
-rw-r--r-- | src/vnet/ipsec/ipsec_tun.c | 14 | ||||
-rw-r--r-- | src/vnet/ipsec/ipsec_tun_in.c | 4 |
17 files changed, 0 insertions, 135 deletions
diff --git a/src/vnet/ipsec/ah.h b/src/vnet/ipsec/ah.h index ae4cd0b5908..450c9cfd6dc 100644 --- a/src/vnet/ipsec/ah.h +++ b/src/vnet/ipsec/ah.h @@ -30,19 +30,15 @@ typedef struct } ah_header_t; -/* *INDENT-OFF* */ typedef CLIB_PACKED (struct { ip4_header_t ip4; ah_header_t ah; }) ip4_and_ah_header_t; -/* *INDENT-ON* */ -/* *INDENT-OFF* */ typedef CLIB_PACKED (struct { ip6_header_t ip6; ah_header_t ah; }) ip6_and_ah_header_t; -/* *INDENT-ON* */ always_inline u32 ah_encrypt_err_to_sa_err (u32 err) diff --git a/src/vnet/ipsec/ah_decrypt.c b/src/vnet/ipsec/ah_decrypt.c index 62a6b706362..918ebf03f67 100644 --- a/src/vnet/ipsec/ah_decrypt.c +++ b/src/vnet/ipsec/ah_decrypt.c @@ -450,7 +450,6 @@ VLIB_NODE_FN (ah4_decrypt_node) (vlib_main_t * vm, return ah_decrypt_inline (vm, node, from_frame, 0 /* is_ip6 */ ); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (ah4_decrypt_node) = { .name = "ah4-decrypt", .vector_size = sizeof (u32), @@ -468,7 +467,6 @@ VLIB_REGISTER_NODE (ah4_decrypt_node) = { [AH_DECRYPT_NEXT_HANDOFF] = "ah4-decrypt-handoff", }, }; -/* *INDENT-ON* */ VLIB_NODE_FN (ah6_decrypt_node) (vlib_main_t * vm, vlib_node_runtime_t * node, @@ -477,7 +475,6 @@ VLIB_NODE_FN (ah6_decrypt_node) (vlib_main_t * vm, return ah_decrypt_inline (vm, node, from_frame, 1 /* is_ip6 */ ); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (ah6_decrypt_node) = { .name = "ah6-decrypt", .vector_size = sizeof (u32), @@ -495,7 +492,6 @@ VLIB_REGISTER_NODE (ah6_decrypt_node) = { [AH_DECRYPT_NEXT_HANDOFF] = "ah6-decrypt-handoff", }, }; -/* *INDENT-ON* */ #ifndef CLIB_MARCH_VARIANT diff --git a/src/vnet/ipsec/ah_encrypt.c b/src/vnet/ipsec/ah_encrypt.c index 03e04880161..960327f071d 100644 --- a/src/vnet/ipsec/ah_encrypt.c +++ b/src/vnet/ipsec/ah_encrypt.c @@ -442,7 +442,6 @@ VLIB_NODE_FN (ah4_encrypt_node) (vlib_main_t * vm, return ah_encrypt_inline (vm, node, from_frame, 0 /* is_ip6 */ ); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (ah4_encrypt_node) = { .name = "ah4-encrypt", .vector_size = sizeof (u32), @@ -459,7 +458,6 @@ VLIB_REGISTER_NODE (ah4_encrypt_node) = { [AH_ENCRYPT_NEXT_INTERFACE_OUTPUT] = "interface-output", }, }; -/* *INDENT-ON* */ VLIB_NODE_FN (ah6_encrypt_node) (vlib_main_t * vm, vlib_node_runtime_t * node, @@ -468,7 +466,6 @@ VLIB_NODE_FN (ah6_encrypt_node) (vlib_main_t * vm, return ah_encrypt_inline (vm, node, from_frame, 1 /* is_ip6 */ ); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (ah6_encrypt_node) = { .name = "ah6-encrypt", .vector_size = sizeof (u32), @@ -485,7 +482,6 @@ VLIB_REGISTER_NODE (ah6_encrypt_node) = { [AH_ENCRYPT_NEXT_INTERFACE_OUTPUT] = "interface-output", }, }; -/* *INDENT-ON* */ #ifndef CLIB_MARCH_VARIANT diff --git a/src/vnet/ipsec/esp.h b/src/vnet/ipsec/esp.h index 72abb9f0dbd..1c3ce776ad2 100644 --- a/src/vnet/ipsec/esp.h +++ b/src/vnet/ipsec/esp.h @@ -37,27 +37,21 @@ typedef struct u8 next_header; } esp_footer_t; -/* *INDENT-OFF* */ typedef CLIB_PACKED (struct { ip4_header_t ip4; esp_header_t esp; }) ip4_and_esp_header_t; -/* *INDENT-ON* */ -/* *INDENT-OFF* */ typedef CLIB_PACKED (struct { ip4_header_t ip4; udp_header_t udp; esp_header_t esp; }) ip4_and_udp_and_esp_header_t; -/* *INDENT-ON* */ -/* *INDENT-OFF* */ typedef CLIB_PACKED (struct { ip6_header_t ip6; esp_header_t esp; }) ip6_and_esp_header_t; -/* *INDENT-ON* */ /** * AES counter mode nonce diff --git a/src/vnet/ipsec/esp_decrypt.c b/src/vnet/ipsec/esp_decrypt.c index fba4549048d..bbd54cfd7b5 100644 --- a/src/vnet/ipsec/esp_decrypt.c +++ b/src/vnet/ipsec/esp_decrypt.c @@ -1548,7 +1548,6 @@ VLIB_NODE_FN (esp6_decrypt_tun_post_node) (vlib_main_t * vm, return esp_decrypt_post_inline (vm, node, from_frame, 1, 1); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (esp4_decrypt_node) = { .name = "esp4-decrypt", .vector_size = sizeof (u32), @@ -1672,7 +1671,6 @@ VLIB_REGISTER_NODE (esp6_decrypt_tun_post_node) = { .sibling_of = "esp6-decrypt-tun", }; -/* *INDENT-ON* */ #ifndef CLIB_MARCH_VARIANT diff --git a/src/vnet/ipsec/esp_encrypt.c b/src/vnet/ipsec/esp_encrypt.c index 46f7fe6cd06..58c4582268e 100644 --- a/src/vnet/ipsec/esp_encrypt.c +++ b/src/vnet/ipsec/esp_encrypt.c @@ -1222,7 +1222,6 @@ VLIB_NODE_FN (esp4_encrypt_node) (vlib_main_t * vm, esp_encrypt_async_next.esp4_post_next); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (esp4_encrypt_node) = { .name = "esp4-encrypt", .vector_size = sizeof (u32), @@ -1241,7 +1240,6 @@ VLIB_REGISTER_NODE (esp4_encrypt_node) = { [ESP_ENCRYPT_NEXT_HANDOFF_MPLS] = "error-drop", [ESP_ENCRYPT_NEXT_INTERFACE_OUTPUT] = "interface-output" }, }; -/* *INDENT-ON* */ VLIB_NODE_FN (esp4_encrypt_post_node) (vlib_main_t * vm, vlib_node_runtime_t * node, @@ -1250,7 +1248,6 @@ VLIB_NODE_FN (esp4_encrypt_post_node) (vlib_main_t * vm, return esp_encrypt_post_inline (vm, node, from_frame); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (esp4_encrypt_post_node) = { .name = "esp4-encrypt-post", .vector_size = sizeof (u32), @@ -1261,7 +1258,6 @@ VLIB_REGISTER_NODE (esp4_encrypt_post_node) = { .n_errors = ESP_ENCRYPT_N_ERROR, .error_counters = esp_encrypt_error_counters, }; -/* *INDENT-ON* */ VLIB_NODE_FN (esp6_encrypt_node) (vlib_main_t * vm, vlib_node_runtime_t * node, @@ -1271,7 +1267,6 @@ VLIB_NODE_FN (esp6_encrypt_node) (vlib_main_t * vm, esp_encrypt_async_next.esp6_post_next); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (esp6_encrypt_node) = { .name = "esp6-encrypt", .vector_size = sizeof (u32), @@ -1282,7 +1277,6 @@ VLIB_REGISTER_NODE (esp6_encrypt_node) = { .n_errors = ESP_ENCRYPT_N_ERROR, .error_counters = esp_encrypt_error_counters, }; -/* *INDENT-ON* */ VLIB_NODE_FN (esp6_encrypt_post_node) (vlib_main_t * vm, vlib_node_runtime_t * node, @@ -1291,7 +1285,6 @@ VLIB_NODE_FN (esp6_encrypt_post_node) (vlib_main_t * vm, return esp_encrypt_post_inline (vm, node, from_frame); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (esp6_encrypt_post_node) = { .name = "esp6-encrypt-post", .vector_size = sizeof (u32), @@ -1302,7 +1295,6 @@ VLIB_REGISTER_NODE (esp6_encrypt_post_node) = { .n_errors = ESP_ENCRYPT_N_ERROR, .error_counters = esp_encrypt_error_counters, }; -/* *INDENT-ON* */ VLIB_NODE_FN (esp4_encrypt_tun_node) (vlib_main_t * vm, vlib_node_runtime_t * node, @@ -1312,7 +1304,6 @@ VLIB_NODE_FN (esp4_encrypt_tun_node) (vlib_main_t * vm, esp_encrypt_async_next.esp4_tun_post_next); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (esp4_encrypt_tun_node) = { .name = "esp4-encrypt-tun", .vector_size = sizeof (u32), @@ -1341,7 +1332,6 @@ VLIB_NODE_FN (esp4_encrypt_tun_post_node) (vlib_main_t * vm, return esp_encrypt_post_inline (vm, node, from_frame); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (esp4_encrypt_tun_post_node) = { .name = "esp4-encrypt-tun-post", .vector_size = sizeof (u32), @@ -1352,7 +1342,6 @@ VLIB_REGISTER_NODE (esp4_encrypt_tun_post_node) = { .n_errors = ESP_ENCRYPT_N_ERROR, .error_counters = esp_encrypt_error_counters, }; -/* *INDENT-ON* */ VLIB_NODE_FN (esp6_encrypt_tun_node) (vlib_main_t * vm, vlib_node_runtime_t * node, @@ -1362,7 +1351,6 @@ VLIB_NODE_FN (esp6_encrypt_tun_node) (vlib_main_t * vm, esp_encrypt_async_next.esp6_tun_post_next); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (esp6_encrypt_tun_node) = { .name = "esp6-encrypt-tun", .vector_size = sizeof (u32), @@ -1384,7 +1372,6 @@ VLIB_REGISTER_NODE (esp6_encrypt_tun_node) = { }, }; -/* *INDENT-ON* */ VLIB_NODE_FN (esp6_encrypt_tun_post_node) (vlib_main_t * vm, vlib_node_runtime_t * node, @@ -1393,7 +1380,6 @@ VLIB_NODE_FN (esp6_encrypt_tun_post_node) (vlib_main_t * vm, return esp_encrypt_post_inline (vm, node, from_frame); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (esp6_encrypt_tun_post_node) = { .name = "esp6-encrypt-tun-post", .vector_size = sizeof (u32), @@ -1404,7 +1390,6 @@ VLIB_REGISTER_NODE (esp6_encrypt_tun_post_node) = { .n_errors = ESP_ENCRYPT_N_ERROR, .error_counters = esp_encrypt_error_counters, }; -/* *INDENT-ON* */ VLIB_NODE_FN (esp_mpls_encrypt_tun_node) (vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *from_frame) diff --git a/src/vnet/ipsec/ipsec_api.c b/src/vnet/ipsec/ipsec_api.c index 6e7308ddf75..21216b1a614 100644 --- a/src/vnet/ipsec/ipsec_api.c +++ b/src/vnet/ipsec/ipsec_api.c @@ -150,12 +150,10 @@ send_ipsec_tunnel_protect_details (index_t itpi, void *arg) sa = ipsec_sa_get (itp->itp_out_sa); mp->tun.sa_out = htonl (sa->id); mp->tun.n_sa_in = itp->itp_n_sa_in; - /* *INDENT-OFF* */ FOR_EACH_IPSEC_PROTECT_INPUT_SA(itp, sa, ({ mp->tun.sa_in[ii++] = htonl (sa->id); })); - /* *INDENT-ON* */ vl_api_send_msg (ctx->reg, (u8 *) mp); @@ -264,12 +262,10 @@ static void vl_api_ipsec_spd_entry_add_del_t_handler goto out; out: - /* *INDENT-OFF* */ REPLY_MACRO2 (VL_API_IPSEC_SPD_ENTRY_ADD_DEL_REPLY, ({ rmp->stat_index = ntohl(stat_index); })); - /* *INDENT-ON* */ } static void @@ -388,12 +384,10 @@ static void vl_api_ipsec_sad_entry_add_del_t_handler htons (mp->entry.udp_dst_port), 0, &tun, &sa_index); out: - /* *INDENT-OFF* */ REPLY_MACRO2 (VL_API_IPSEC_SAD_ENTRY_ADD_DEL_REPLY, { rmp->stat_index = htonl (sa_index); }); - /* *INDENT-ON* */ } static void vl_api_ipsec_sad_entry_add_del_v2_t_handler @@ -462,12 +456,10 @@ static void vl_api_ipsec_sad_entry_add_del_v2_t_handler htons (mp->entry.udp_dst_port), 0, &tun, &sa_index); out: - /* *INDENT-OFF* */ REPLY_MACRO2 (VL_API_IPSEC_SAD_ENTRY_ADD_DEL_V2_REPLY, { rmp->stat_index = htonl (sa_index); }); - /* *INDENT-ON* */ } static int @@ -839,12 +831,10 @@ vl_api_ipsec_spd_interface_dump_t_handler (vl_api_ipsec_spd_interface_dump_t * if (mp->spd_index_valid) { spd_index = ntohl (mp->spd_index); - /* *INDENT-OFF* */ hash_foreach(k, v, im->spd_index_by_sw_if_index, ({ if (v == spd_index) send_ipsec_spd_interface_details(reg, v, k, mp->context); })); - /* *INDENT-ON* */ } else { @@ -867,12 +857,10 @@ vl_api_ipsec_itf_create_t_handler (vl_api_ipsec_itf_create_t * mp) if (!rv) rv = ipsec_itf_create (ntohl (mp->itf.user_instance), mode, &sw_if_index); - /* *INDENT-OFF* */ REPLY_MACRO2 (VL_API_IPSEC_ITF_CREATE_REPLY, ({ rmp->sw_if_index = htonl (sw_if_index); })); - /* *INDENT-ON* */ } static void @@ -1406,7 +1394,6 @@ vl_api_ipsec_backend_dump_t_handler (vl_api_ipsec_backend_dump_t *mp) ipsec_ah_backend_t *ab; ipsec_esp_backend_t *eb; - /* *INDENT-OFF* */ pool_foreach (ab, im->ah_backends) { vl_api_ipsec_backend_details_t *mp = vl_msg_api_alloc (sizeof (*mp)); clib_memset (mp, 0, sizeof (*mp)); @@ -1431,7 +1418,6 @@ vl_api_ipsec_backend_dump_t_handler (vl_api_ipsec_backend_dump_t *mp) mp->active = mp->index == im->esp_current_backend ? 1 : 0; vl_api_send_msg (rp, (u8 *)mp); } - /* *INDENT-ON* */ } static void diff --git a/src/vnet/ipsec/ipsec_cli.c b/src/vnet/ipsec/ipsec_cli.c index 5aef630a33f..07d9df8f204 100644 --- a/src/vnet/ipsec/ipsec_cli.c +++ b/src/vnet/ipsec/ipsec_cli.c @@ -71,14 +71,12 @@ done: return error; } -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (set_interface_spd_command, static) = { .path = "set interface ipsec spd", .short_help = "set interface ipsec spd <int> <id>", .function = set_interface_spd_command_fn, }; -/* *INDENT-ON* */ static clib_error_t * ipsec_sa_add_del_command_fn (vlib_main_t * vm, @@ -208,14 +206,12 @@ done: return error; } -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (ipsec_sa_add_del_command, static) = { .path = "ipsec sa", .short_help = "ipsec sa [add|del]", .function = ipsec_sa_add_del_command_fn, }; -/* *INDENT-ON* */ static clib_error_t * ipsec_sa_bind_cli (vlib_main_t *vm, unformat_input_t *input, @@ -325,14 +321,12 @@ done: return error; } -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (ipsec_spd_add_del_command, static) = { .path = "ipsec spd", .short_help = "ipsec spd [add|del] <id>", .function = ipsec_spd_add_del_command_fn, }; -/* *INDENT-ON* */ static clib_error_t * @@ -467,27 +461,23 @@ done: return error; } -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (ipsec_policy_add_del_command, static) = { .path = "ipsec policy", .short_help = "ipsec policy [add|del] spd <id> priority <n> ", .function = ipsec_policy_add_del_command_fn, }; -/* *INDENT-ON* */ static void ipsec_sa_show_all (vlib_main_t * vm, ipsec_main_t * im, u8 detail) { u32 sai; - /* *INDENT-OFF* */ pool_foreach_index (sai, ipsec_sa_pool) { vlib_cli_output (vm, "%U", format_ipsec_sa, sai, (detail ? IPSEC_FORMAT_DETAIL : IPSEC_FORMAT_BRIEF)); } - /* *INDENT-ON* */ } static void @@ -495,7 +485,6 @@ ipsec_spd_show_all (vlib_main_t * vm, ipsec_main_t * im) { u32 spdi; - /* *INDENT-OFF* */ pool_foreach_index (spdi, im->spds) { vlib_cli_output(vm, "%U", format_ipsec_spd, spdi); } @@ -508,7 +497,6 @@ ipsec_spd_show_all (vlib_main_t * vm, ipsec_main_t * im) { vlib_cli_output (vm, "%U", format_ipsec_in_spd_flow_cache); } - /* *INDENT-ON* */ } static void @@ -519,14 +507,12 @@ ipsec_spd_bindings_show_all (vlib_main_t * vm, ipsec_main_t * im) vlib_cli_output (vm, "SPD Bindings:"); - /* *INDENT-OFF* */ hash_foreach(sw_if_index, spd_id, im->spd_index_by_sw_if_index, ({ spd = pool_elt_at_index (im->spds, spd_id); vlib_cli_output (vm, " %d -> %U", spd->id, format_vnet_sw_if_index_name, im->vnet_main, sw_if_index); })); - /* *INDENT-ON* */ } static walk_rc_t @@ -560,13 +546,11 @@ show_ipsec_command_fn (vlib_main_t * vm, return 0; } -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (show_ipsec_command, static) = { .path = "show ipsec all", .short_help = "show ipsec all", .function = show_ipsec_command_fn, }; -/* *INDENT-ON* */ static clib_error_t * show_ipsec_sa_command_fn (vlib_main_t * vm, @@ -611,12 +595,10 @@ clear_ipsec_sa_command_fn (vlib_main_t * vm, if (~0 == sai) { - /* *INDENT-OFF* */ pool_foreach_index (sai, ipsec_sa_pool) { ipsec_sa_clear (sai); } - /* *INDENT-ON* */ } else { @@ -629,7 +611,6 @@ clear_ipsec_sa_command_fn (vlib_main_t * vm, return 0; } -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (show_ipsec_sa_command, static) = { .path = "show ipsec sa", .short_help = "show ipsec sa [index]", @@ -641,7 +622,6 @@ VLIB_CLI_COMMAND (clear_ipsec_sa_command, static) = { .short_help = "clear ipsec sa [index]", .function = clear_ipsec_sa_command_fn, }; -/* *INDENT-ON* */ static clib_error_t * show_ipsec_spd_command_fn (vlib_main_t * vm, @@ -671,13 +651,11 @@ show_ipsec_spd_command_fn (vlib_main_t * vm, return 0; } -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (show_ipsec_spd_command, static) = { .path = "show ipsec spd", .short_help = "show ipsec spd [index]", .function = show_ipsec_spd_command_fn, }; -/* *INDENT-ON* */ static clib_error_t * show_ipsec_tunnel_command_fn (vlib_main_t * vm, @@ -689,13 +667,11 @@ show_ipsec_tunnel_command_fn (vlib_main_t * vm, return 0; } -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (show_ipsec_tunnel_command, static) = { .path = "show ipsec tunnel", .short_help = "show ipsec tunnel", .function = show_ipsec_tunnel_command_fn, }; -/* *INDENT-ON* */ static clib_error_t * ipsec_show_backends_command_fn (vlib_main_t * vm, @@ -710,7 +686,6 @@ ipsec_show_backends_command_fn (vlib_main_t * vm, vlib_cli_output (vm, "IPsec AH backends available:"); u8 *s = format (NULL, "%=25s %=25s %=10s\n", "Name", "Index", "Active"); ipsec_ah_backend_t *ab; - /* *INDENT-OFF* */ pool_foreach (ab, im->ah_backends) { s = format (s, "%=25s %=25u %=10s\n", ab->name, ab - im->ah_backends, ab - im->ah_backends == im->ah_current_backend ? "yes" : "no"); @@ -726,13 +701,11 @@ ipsec_show_backends_command_fn (vlib_main_t * vm, s = format (s, " dec6 %s (next %d)\n", n->name, ab->ah6_decrypt_next_index); } } - /* *INDENT-ON* */ vlib_cli_output (vm, "%v", s); vec_set_len (s, 0); vlib_cli_output (vm, "IPsec ESP backends available:"); s = format (s, "%=25s %=25s %=10s\n", "Name", "Index", "Active"); ipsec_esp_backend_t *eb; - /* *INDENT-OFF* */ pool_foreach (eb, im->esp_backends) { s = format (s, "%=25s %=25u %=10s\n", eb->name, eb - im->esp_backends, eb - im->esp_backends == im->esp_current_backend ? "yes" @@ -749,20 +722,17 @@ ipsec_show_backends_command_fn (vlib_main_t * vm, s = format (s, " dec6 %s (next %d)\n", n->name, eb->esp6_decrypt_next_index); } } - /* *INDENT-ON* */ vlib_cli_output (vm, "%v", s); vec_free (s); return 0; } -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (ipsec_show_backends_command, static) = { .path = "show ipsec backends", .short_help = "show ipsec backends", .function = ipsec_show_backends_command_fn, }; -/* *INDENT-ON* */ static clib_error_t * ipsec_select_backend_command_fn (vlib_main_t * vm, @@ -824,14 +794,12 @@ ipsec_select_backend_command_fn (vlib_main_t * vm, return 0; } -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (ipsec_select_backend_command, static) = { .path = "ipsec select backend", .short_help = "ipsec select backend <ah|esp> <backend index>", .function = ipsec_select_backend_command_fn, }; -/* *INDENT-ON* */ static clib_error_t * clear_ipsec_counters_command_fn (vlib_main_t * vm, @@ -846,13 +814,11 @@ clear_ipsec_counters_command_fn (vlib_main_t * vm, return (NULL); } -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (clear_ipsec_counters_command, static) = { .path = "clear ipsec counters", .short_help = "clear ipsec counters", .function = clear_ipsec_counters_command_fn, }; -/* *INDENT-ON* */ static clib_error_t * ipsec_tun_protect_cmd (vlib_main_t * vm, @@ -902,7 +868,6 @@ ipsec_tun_protect_cmd (vlib_main_t * vm, /** * Protect tunnel with IPSEC */ -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (ipsec_tun_protect_cmd_node, static) = { .path = "ipsec tunnel protect", @@ -910,7 +875,6 @@ VLIB_CLI_COMMAND (ipsec_tun_protect_cmd_node, static) = .short_help = "ipsec tunnel protect <interface> input-sa <SA> output-sa <SA> [add|del]", // this is not MP safe }; -/* *INDENT-ON* */ static clib_error_t * @@ -925,14 +889,12 @@ ipsec_tun_protect_show (vlib_main_t * vm, /** * show IPSEC tunnel protection */ -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (ipsec_tun_protect_show_node, static) = { .path = "show ipsec protect", .function = ipsec_tun_protect_show, .short_help = "show ipsec protect", }; -/* *INDENT-ON* */ static int ipsec_tun_protect4_hash_show_one (clib_bihash_kv_8_16_t * kv, void *arg) @@ -981,14 +943,12 @@ ipsec_tun_protect_hash_show (vlib_main_t * vm, /** * show IPSEC tunnel protection hash tables */ -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (ipsec_tun_protect_hash_show_node, static) = { .path = "show ipsec protect-hash", .function = ipsec_tun_protect_hash_show, .short_help = "show ipsec protect-hash", }; -/* *INDENT-ON* */ clib_error_t * ipsec_cli_init (vlib_main_t * vm) @@ -1025,13 +985,11 @@ set_async_mode_command_fn (vlib_main_t * vm, unformat_input_t * input, return (NULL); } -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (set_async_mode_command, static) = { .path = "set ipsec async mode", .short_help = "set ipsec async mode on|off", .function = set_async_mode_command_fn, }; -/* *INDENT-ON* */ /* * fd.io coding-style-patch-verification: ON diff --git a/src/vnet/ipsec/ipsec_format.c b/src/vnet/ipsec/ipsec_format.c index 12381ceaa13..e421a0d96b4 100644 --- a/src/vnet/ipsec/ipsec_format.c +++ b/src/vnet/ipsec/ipsec_format.c @@ -549,12 +549,10 @@ format_ipsec_tun_protect (u8 * s, va_list * args) IPSEC_FORMAT_BRIEF); s = format (s, "\n input-sa:"); - /* *INDENT-OFF* */ FOR_EACH_IPSEC_PROTECT_INPUT_SAI(itp, sai, ({ s = format (s, "\n %U", format_ipsec_sa, sai, IPSEC_FORMAT_BRIEF); })); - /* *INDENT-ON* */ return (s); } diff --git a/src/vnet/ipsec/ipsec_handoff.c b/src/vnet/ipsec/ipsec_handoff.c index e8daa1a6a23..68a859cf732 100644 --- a/src/vnet/ipsec/ipsec_handoff.c +++ b/src/vnet/ipsec/ipsec_handoff.c @@ -259,7 +259,6 @@ VLIB_NODE_FN (ah6_decrypt_handoff) (vlib_main_t * vm, return ipsec_handoff (vm, node, from_frame, im->ah6_dec_fq_index); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (esp4_encrypt_handoff) = { .name = "esp4-encrypt-handoff", .vector_size = sizeof (u32), @@ -416,7 +415,6 @@ VLIB_REGISTER_NODE (ah6_decrypt_handoff) = { [0] = "error-drop", }, }; -/* *INDENT-ON* */ /* * fd.io coding-style-patch-verification: ON diff --git a/src/vnet/ipsec/ipsec_input.c b/src/vnet/ipsec/ipsec_input.c index 8f9eb204c55..6ccc0be2622 100644 --- a/src/vnet/ipsec/ipsec_input.c +++ b/src/vnet/ipsec/ipsec_input.c @@ -751,7 +751,6 @@ VLIB_NODE_FN (ipsec4_input_node) (vlib_main_t * vm, return frame->n_vectors; } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (ipsec4_input_node) = { .name = "ipsec4-input-feature", .vector_size = sizeof (u32), @@ -766,7 +765,6 @@ VLIB_REGISTER_NODE (ipsec4_input_node) = { #undef _ }, }; -/* *INDENT-ON* */ extern vlib_node_registration_t ipsec6_input_node; @@ -948,7 +946,6 @@ VLIB_NODE_FN (ipsec6_input_node) (vlib_main_t * vm, } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (ipsec6_input_node) = { .name = "ipsec6-input-feature", .vector_size = sizeof (u32), @@ -963,7 +960,6 @@ VLIB_REGISTER_NODE (ipsec6_input_node) = { #undef _ }, }; -/* *INDENT-ON* */ /* * fd.io coding-style-patch-verification: ON diff --git a/src/vnet/ipsec/ipsec_itf.c b/src/vnet/ipsec/ipsec_itf.c index f9c1d77a37d..6e66d10660b 100644 --- a/src/vnet/ipsec/ipsec_itf.c +++ b/src/vnet/ipsec/ipsec_itf.c @@ -188,7 +188,6 @@ ipsec_itf_update_adj (vnet_main_t * vnm, u32 sw_if_index, adj_index_t ai) (ai, NULL, NULL, ADJ_FLAG_MIDCHAIN_IP_STACK, ipsec_itf_build_rewrite ()); } -/* *INDENT-OFF* */ VNET_DEVICE_CLASS (ipsec_itf_device_class) = { .name = "IPSEC Tunnel", .format_device_name = format_ipsec_itf_name, @@ -208,7 +207,6 @@ VNET_HW_INTERFACE_CLASS(ipsec_p2mp_hw_interface_class) = { .update_adjacency = ipsec_itf_update_adj, .flags = VNET_HW_INTERFACE_CLASS_FLAG_NBMA, }; -/* *INDENT-ON* */ /* * Maintain a bitmap of allocated ipsec_itf instance numbers. @@ -431,13 +429,11 @@ ipsec_itf_create_cli (vlib_main_t * vm, * Example of how to create a ipsec interface: * @cliexcmd{ipsec itf create} ?*/ -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (ipsec_itf_create_command, static) = { .path = "ipsec itf create", .short_help = "ipsec itf create [instance <instance>]", .function = ipsec_itf_create_cli, }; -/* *INDENT-ON* */ static clib_error_t * ipsec_itf_delete_cli (vlib_main_t * vm, @@ -482,13 +478,11 @@ ipsec_itf_delete_cli (vlib_main_t * vm, * Example of how to create a ipsec_itf interface: * @cliexcmd{ipsec itf delete ipsec0} ?*/ -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (ipsec_itf_delete_command, static) = { .path = "ipsec itf delete", .short_help = "ipsec itf delete <interface>", .function = ipsec_itf_delete_cli, }; -/* *INDENT-ON* */ static clib_error_t * ipsec_interface_show (vlib_main_t * vm, @@ -496,12 +490,10 @@ ipsec_interface_show (vlib_main_t * vm, { index_t ii; - /* *INDENT-OFF* */ pool_foreach_index (ii, ipsec_itf_pool) { vlib_cli_output (vm, "%U", format_ipsec_itf, ii); } - /* *INDENT-ON* */ return NULL; } @@ -509,14 +501,12 @@ ipsec_interface_show (vlib_main_t * vm, /** * show IPSEC tunnel protection hash tables */ -/* *INDENT-OFF* */ VLIB_CLI_COMMAND (ipsec_interface_show_node, static) = { .path = "show ipsec interface", .function = ipsec_interface_show, .short_help = "show ipsec interface", }; -/* *INDENT-ON* */ /* * fd.io coding-style-patch-verification: ON diff --git a/src/vnet/ipsec/ipsec_output.c b/src/vnet/ipsec/ipsec_output.c index 028d9761c07..787da9359e0 100644 --- a/src/vnet/ipsec/ipsec_output.c +++ b/src/vnet/ipsec/ipsec_output.c @@ -335,7 +335,6 @@ VLIB_NODE_FN (ipsec4_output_node) (vlib_main_t * vm, return ipsec_output_inline (vm, node, frame, 0); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (ipsec4_output_node) = { .name = "ipsec4-output-feature", .vector_size = sizeof (u32), @@ -352,7 +351,6 @@ VLIB_REGISTER_NODE (ipsec4_output_node) = { #undef _ }, }; -/* *INDENT-ON* */ VLIB_NODE_FN (ipsec6_output_node) (vlib_main_t * vm, vlib_node_runtime_t * node, diff --git a/src/vnet/ipsec/ipsec_sa.c b/src/vnet/ipsec/ipsec_sa.c index 1656b9aa0cc..1d5195ec793 100644 --- a/src/vnet/ipsec/ipsec_sa.c +++ b/src/vnet/ipsec/ipsec_sa.c @@ -159,7 +159,6 @@ ipsec_sa_set_integ_alg (ipsec_sa_t * sa, ipsec_integ_alg_t integ_alg) void ipsec_sa_set_async_op_ids (ipsec_sa_t * sa) { - /* *INDENT-OFF* */ if (ipsec_sa_is_set_USE_ESN (sa)) { #define _(n, s, k) \ @@ -190,7 +189,6 @@ ipsec_sa_set_async_op_ids (ipsec_sa_t * sa) sa->crypto_async_dec_op_id = VNET_CRYPTO_OP_##c##_##h##_TAG##d##_DEC; foreach_crypto_link_async_alg #undef _ - /* *INDENT-ON* */ } int @@ -646,13 +644,11 @@ ipsec_sa_walk (ipsec_sa_walk_cb_t cb, void *ctx) { ipsec_sa_t *sa; - /* *INDENT-OFF* */ pool_foreach (sa, ipsec_sa_pool) { if (WALK_CONTINUE != cb (sa, ctx)) break; } - /* *INDENT-ON* */ } /** diff --git a/src/vnet/ipsec/ipsec_spd.c b/src/vnet/ipsec/ipsec_spd.c index 080497ae888..7b9a0aea8ed 100644 --- a/src/vnet/ipsec/ipsec_spd.c +++ b/src/vnet/ipsec/ipsec_spd.c @@ -38,12 +38,10 @@ ipsec_add_del_spd (vlib_main_t * vm, u32 spd_id, int is_add) if (!spd) return VNET_API_ERROR_INVALID_VALUE; - /* *INDENT-OFF* */ hash_foreach (k, v, im->spd_index_by_sw_if_index, ({ if (v == spd_index) ipsec_set_interface_spd(vm, k, spd_id, 0); })); - /* *INDENT-ON* */ hash_unset (im->spd_index_by_spd_id, spd_id); #define _(s,v) vec_free(spd->policies[IPSEC_SPD_POLICY_##s]); foreach_ipsec_spd_policy_type diff --git a/src/vnet/ipsec/ipsec_tun.c b/src/vnet/ipsec/ipsec_tun.c index 82f5a11d26f..ecda291e985 100644 --- a/src/vnet/ipsec/ipsec_tun.c +++ b/src/vnet/ipsec/ipsec_tun.c @@ -236,7 +236,6 @@ ipsec_tun_protect_rx_db_add (ipsec_main_t * im, if (ip46_address_is_zero (&itp->itp_crypto.dst)) return; - /* *INDENT-OFF* */ FOR_EACH_IPSEC_PROTECT_INPUT_SAI(itp, sai, ({ sa = ipsec_sa_get (sai); @@ -291,7 +290,6 @@ ipsec_tun_protect_rx_db_add (ipsec_main_t * im, ipsec_tun_register_nodes (AF_IP6); } })) - /* *INDENT-ON* */ } static adj_walk_rc_t @@ -371,7 +369,6 @@ ipsec_tun_protect_rx_db_remove (ipsec_main_t * im, { const ipsec_sa_t *sa; - /* *INDENT-OFF* */ FOR_EACH_IPSEC_PROTECT_INPUT_SA(itp, sa, ({ if (ip46_address_is_ip4 (&itp->itp_crypto.dst)) @@ -405,7 +402,6 @@ ipsec_tun_protect_rx_db_remove (ipsec_main_t * im, } } })); - /* *INDENT-ON* */ } static adj_walk_rc_t @@ -464,7 +460,6 @@ ipsec_tun_protect_set_crypto_addr (ipsec_tun_protect_t * itp) { ipsec_sa_t *sa; - /* *INDENT-OFF* */ FOR_EACH_IPSEC_PROTECT_INPUT_SA(itp, sa, ({ if (ipsec_sa_is_set_IS_TUNNEL (sa)) @@ -484,7 +479,6 @@ ipsec_tun_protect_set_crypto_addr (ipsec_tun_protect_t * itp) itp->itp_flags &= ~IPSEC_PROTECT_ENCAPED; } })); - /* *INDENT-ON* */ } static void @@ -504,13 +498,11 @@ ipsec_tun_protect_config (ipsec_main_t * im, if (itp->itp_flags & IPSEC_PROTECT_ITF) ipsec_sa_set_NO_ALGO_NO_DROP (ipsec_sa_get (itp->itp_out_sa)); - /* *INDENT-OFF* */ FOR_EACH_IPSEC_PROTECT_INPUT_SAI(itp, sai, ({ ipsec_sa_lock(sai); })); ipsec_tun_protect_set_crypto_addr(itp); - /* *INDENT-ON* */ /* * add to the DB against each SA @@ -527,7 +519,6 @@ ipsec_tun_protect_unconfig (ipsec_main_t * im, ipsec_tun_protect_t * itp) ipsec_sa_t *sa; index_t sai; - /* *INDENT-OFF* */ FOR_EACH_IPSEC_PROTECT_INPUT_SA(itp, sa, ({ ipsec_sa_unset_IS_PROTECT (sa); @@ -543,7 +534,6 @@ ipsec_tun_protect_unconfig (ipsec_main_t * im, ipsec_tun_protect_t * itp) ({ ipsec_sa_unlock(sai); })); - /* *INDENT-ON* */ ITP_DBG (itp, "unconfigured"); } @@ -751,12 +741,10 @@ ipsec_tun_protect_walk (ipsec_tun_protect_walk_cb_t fn, void *ctx) { index_t itpi; - /* *INDENT-OFF* */ pool_foreach_index (itpi, ipsec_tun_protect_pool) { fn (itpi, ctx); } - /* *INDENT-ON* */ } void @@ -772,12 +760,10 @@ ipsec_tun_protect_walk_itf (u32 sw_if_index, idi = &itp_db.id_itf[sw_if_index]; - /* *INDENT-OFF* */ hash_foreach(key, itpi, idi->id_hash, ({ fn (itpi, ctx); })); - /* *INDENT-ON* */ if (INDEX_INVALID != idi->id_itp) fn (idi->id_itp, ctx); } diff --git a/src/vnet/ipsec/ipsec_tun_in.c b/src/vnet/ipsec/ipsec_tun_in.c index a419d8c4fe8..c82de3ebaff 100644 --- a/src/vnet/ipsec/ipsec_tun_in.c +++ b/src/vnet/ipsec/ipsec_tun_in.c @@ -411,7 +411,6 @@ VLIB_NODE_FN (ipsec4_tun_input_node) (vlib_main_t * vm, return ipsec_tun_protect_input_inline (vm, node, from_frame, 0); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (ipsec4_tun_input_node) = { .name = "ipsec4-tun-input", .vector_size = sizeof (u32), @@ -421,7 +420,6 @@ VLIB_REGISTER_NODE (ipsec4_tun_input_node) = { .error_counters = ipsec_tun_error_counters, .sibling_of = "device-input", }; -/* *INDENT-ON* */ VLIB_NODE_FN (ipsec6_tun_input_node) (vlib_main_t * vm, vlib_node_runtime_t * node, @@ -430,7 +428,6 @@ VLIB_NODE_FN (ipsec6_tun_input_node) (vlib_main_t * vm, return ipsec_tun_protect_input_inline (vm, node, from_frame, 1); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (ipsec6_tun_input_node) = { .name = "ipsec6-tun-input", .vector_size = sizeof (u32), @@ -440,7 +437,6 @@ VLIB_REGISTER_NODE (ipsec6_tun_input_node) = { .error_counters = ipsec_tun_error_counters, .sibling_of = "device-input", }; -/* *INDENT-ON* */ /* * fd.io coding-style-patch-verification: ON |