diff options
Diffstat (limited to 'src/vnet/ipsec')
-rw-r--r-- | src/vnet/ipsec/ipsec.api | 13 | ||||
-rw-r--r-- | src/vnet/ipsec/ipsec.h | 4 | ||||
-rw-r--r-- | src/vnet/ipsec/ipsec_api.c | 12 | ||||
-rw-r--r-- | src/vnet/ipsec/ipsec_if.c | 22 |
4 files changed, 36 insertions, 15 deletions
diff --git a/src/vnet/ipsec/ipsec.api b/src/vnet/ipsec/ipsec.api index f3b5993700b..011b0d4b1ff 100644 --- a/src/vnet/ipsec/ipsec.api +++ b/src/vnet/ipsec/ipsec.api @@ -511,7 +511,7 @@ define ipsec_spd_details { @param remote_integ_key_len - length of remote integrity key in bytes @param remote_integ_key - integrity key for inbound IPsec SA */ -autoreply define ipsec_tunnel_if_add_del { +define ipsec_tunnel_if_add_del { u32 client_index; u32 context; u8 is_add; @@ -533,6 +533,17 @@ autoreply define ipsec_tunnel_if_add_del { u8 remote_integ_key[128]; }; +/** \brief Add/delete IPsec tunnel interface response + @param context - sender context, to match reply w/ request + @param retval - return status + @param sw_if_index - sw_if_index of new interface (for successful add) +*/ +define ipsec_tunnel_if_add_del_reply { + u32 context; + i32 retval; + u32 sw_if_index; +}; + /* * Local Variables: * eval: (c-set-style "gnu") diff --git a/src/vnet/ipsec/ipsec.h b/src/vnet/ipsec/ipsec.h index c884e360004..1eff1c3a0be 100644 --- a/src/vnet/ipsec/ipsec.h +++ b/src/vnet/ipsec/ipsec.h @@ -308,7 +308,9 @@ uword unformat_ipsec_policy_action (unformat_input_t * input, va_list * args); uword unformat_ipsec_crypto_alg (unformat_input_t * input, va_list * args); uword unformat_ipsec_integ_alg (unformat_input_t * input, va_list * args); -/*u32 ipsec_add_del_tunnel_if (vnet_main_t * vnm, ipsec_add_del_tunnel_args_t * args); */ +int ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm, + ipsec_add_del_tunnel_args_t * args, + u32 * sw_if_index); int ipsec_add_del_tunnel_if (ipsec_add_del_tunnel_args_t * args); int ipsec_add_del_ipsec_gre_tunnel (vnet_main_t * vnm, ipsec_add_del_ipsec_gre_tunnel_args_t * diff --git a/src/vnet/ipsec/ipsec_api.c b/src/vnet/ipsec/ipsec_api.c index 04dff4d0fd0..3a5b89feb7d 100644 --- a/src/vnet/ipsec/ipsec_api.c +++ b/src/vnet/ipsec/ipsec_api.c @@ -357,6 +357,9 @@ vl_api_ipsec_tunnel_if_add_del_t_handler (vl_api_ipsec_tunnel_if_add_del_t * mp) { vl_api_ipsec_tunnel_if_add_del_reply_t *rmp; + ipsec_main_t *im = &ipsec_main; + vnet_main_t *vnm = im->vnet_main; + u32 sw_if_index = ~0; int rv; #if WITH_LIBSSL > 0 @@ -386,15 +389,20 @@ vl_api_ipsec_tunnel_if_add_del_t_handler (vl_api_ipsec_tunnel_if_add_del_t * memcpy (&tun.remote_integ_key, &mp->remote_integ_key, mp->remote_integ_key_len); - rv = ipsec_add_del_tunnel_if (&tun); + rv = ipsec_add_del_tunnel_if_internal (vnm, &tun, &sw_if_index); #else rv = VNET_API_ERROR_UNIMPLEMENTED; #endif - REPLY_MACRO (VL_API_IPSEC_TUNNEL_IF_ADD_DEL_REPLY); + REPLY_MACRO2 (VL_API_IPSEC_TUNNEL_IF_ADD_DEL_REPLY, ( + { + rmp->sw_if_index = + htonl (sw_if_index); + })); } + static void vl_api_ikev2_profile_add_del_t_handler (vl_api_ikev2_profile_add_del_t * mp) { diff --git a/src/vnet/ipsec/ipsec_if.c b/src/vnet/ipsec/ipsec_if.c index ed1248942e3..9b0eb5b2779 100644 --- a/src/vnet/ipsec/ipsec_if.c +++ b/src/vnet/ipsec/ipsec_if.c @@ -92,16 +92,12 @@ VNET_HW_INTERFACE_CLASS (ipsec_hw_class) = /* *INDENT-ON* */ static int -ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm, - ipsec_add_del_tunnel_args_t * args); - -static int ipsec_add_del_tunnel_if_rpc_callback (ipsec_add_del_tunnel_args_t * a) { vnet_main_t *vnm = vnet_get_main (); ASSERT (vlib_get_thread_index () == 0); - return ipsec_add_del_tunnel_if_internal (vnm, a); + return ipsec_add_del_tunnel_if_internal (vnm, a, NULL); } int @@ -114,11 +110,12 @@ ipsec_add_del_tunnel_if (ipsec_add_del_tunnel_args_t * args) int ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm, - ipsec_add_del_tunnel_args_t * args) + ipsec_add_del_tunnel_args_t * args, + u32 * sw_if_index) { ipsec_tunnel_if_t *t; ipsec_main_t *im = &ipsec_main; - vnet_hw_interface_t *hi; + vnet_hw_interface_t *hi = NULL; u32 hw_if_index = ~0; uword *p; ipsec_sa_t *sa; @@ -209,10 +206,10 @@ ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm, t - im->tunnel_interfaces, ipsec_hw_class.index, t - im->tunnel_interfaces); - - hi = vnet_get_hw_interface (vnm, hw_if_index); - hi->output_node_index = ipsec_if_output_node.index; } + + hi = vnet_get_hw_interface (vnm, hw_if_index); + hi->output_node_index = ipsec_if_output_node.index; t->hw_if_index = hw_if_index; /*1st interface, register protocol */ @@ -220,7 +217,6 @@ ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm, ip4_register_protocol (IP_PROTOCOL_IPSEC_ESP, ipsec_if_input_node.index); - return hw_if_index; } else { @@ -253,6 +249,10 @@ ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm, hash_unset (im->ipsec_if_pool_index_by_key, key); pool_put (im->tunnel_interfaces, t); } + + if (sw_if_index) + *sw_if_index = hi->sw_if_index; + return 0; } |