Age | Commit message (Collapse) | Author | Files | Lines |
|
This patch fixes configuration of priority, port and type of protocol
for inbound and outbound policies in policy-based IPsec of this plugin.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I01ddc2e13ebbe87380e66a525aac1b615f619604
|
|
In the current implementation there is a bug related to the incorrect
message handling due to the wrong id.
The fix changes logic responsible for handling incoming API messages
by correcting their ids.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: Iea29506053c9fd2e1d01bce83e7f4a6e1de39321
|
|
This patch addresses the issue when the list of available interfaces
is not up to date. Due to this issue adding a new route fails
and finally the connection is not established.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I3a63c0dd99ebc28ea149b4b23867440937682761
|
|
This patch addresses the issue where the message ID registration
in the register_event function is incorrect. Due to this incorrect
registration, the lookup for the corresponding callback on received
messages fails, eventually leading to a segmentation fault
and double-free memory space.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: If95182f972f64adb44d514e18c831cc9627d8f0f
|
|
In the current implementation there is a bug in the function
responsible for getting software interface index by the name of the
interface. Incorrect function is used to send the API message, also
the handler with replied message is incorrect.
The fix changes function to send dump message and also adds handler
with replied message in the correct way.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: Id1a3ba2ce7e92d216907f344431b9e2acb1d5572
|
|
This patch add in missing src/dst port assignment in SA for udp port
if encap.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I84219c016c5a32590aba0371c01ad8d44cbf4c5c
|
|
This patch fix the memory leaks discovered in the current
implementation, inlcuding expired data, spd dump, and host names.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I3794f5db3c58d1e78df25f242c91e7a67363de53
|
|
Type: improvement
Since VPP-SWAN does not really need StrongSwan to be compiled,
this patch refines the Makefile to reflect the change.
In addition README is updated.
Signed-off-by: Fan Zhang <fanzhang.oss@gmail.com>
Change-Id: I185957167ac71a44f4d12e78e1dac31c194f80f4
|
|
This patch adds a missing file descriptor free handler to prevent
invalid dereferencing in the future
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: Idc809a70b1fedec9a06446344d5481d467c78c19
|
|
The current implementation of vpp-swan plugin adds the same policy rule
in SPD twice, and it is not necessary to have two the same rules in
inbound-protect database.
This patch fixes an issue that prevents the addition of a second
identical policy rule in SPD.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: Ieef74288e5301455658e4e101433147d6d2482e9
|
|
This patch adds a "charon.plugins.kernel-vpp.use_tunnel_mode_sa"
key into strongswan.conf. If this is turned off, SAs will be
installed without tunnel information and can be used to
"ipsec tunnel protect". For the route-based IPsec, it will be
used with turning "policies" off in swanctl.conf.
Type: feature
Signed-off-by: Atzm Watanabe <atzmism@gmail.com>
Change-Id: I58fb94bfe56627fa7002d9b95c48930a32993d2d
|
|
In order to loop over the list of `vl_api_ip_address_details_t`,
increment the pointer by one instead of `i`.
Type: fix
Change-Id: I8554d1388d67bb95e029eddf444d383fb85ecac7
Signed-off-by: Timur Celik <mail@timurcelik.de>
|
|
Since vpp_sswan plugin already merged in /vpp/extras/strongswan,
no need to provide additional vpp_sswan source files for docker image.
Type: fix
Signed-off-by: Yulong Pei <yulong.pei@intel.com>
Change-Id: I35bad22b1046e0dddbcf39e1af38d589d1438239
Signed-off-by: Yulong Pei <yulong.pei@intel.com>
|
|
Due to refactor keeping api common code in vlibapi, changes order
linked library to this plugin.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: Id94c0b78cbce4954d34a82123506a76370b12b23
|
|
Added scripts to reparing setups for testing
To prepare and run containers:
sudo ./extras/strongswan/vpp_sswan/docker/run.sh prepare_containers
To prepare setups:
sudo ./extras/strongswan/vpp_sswan/docker/run.sh config
To clean-up settups:
sudo ./extras/strongswan/vpp_sswan/docker/run.sh clean
To deleted all containers and images in Docker:
sudo ./extras/strongswan/vpp_sswan/docker/run.sh deleted
Type: feature
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I77f01c0419dccc95f610046c8552ae825f2c7e12
|
|
Added plugin vpp-swan is a plugin that helps offloading
Strongswan IPsec ESP process from Linux Kernel to VPP.
Type: feature
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: Iec77945892453fac1890d3c49d7d86fc6b09c893
|
|
Type: fix
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: Iba82f8e0f18f3e1e4da57f4c23ba9272e87afd93
|
|
Type: improvement
Change-Id: Ie3b25a86b99098d2b3a21a11fc73234c8ed589d6
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
- Missing tags mess up doxygen TOC heirarchy
Type: docs
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I012d55c0ae90aecc665b56903f4212ddc0643943
|
|
Type: test
Ticket: VPP-1893
Change-Id: Ib6ffd00e73f7110bf9e702f4a0fd5c68395d6786
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|