aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/ikev2/ikev2_api.c
AgeCommit message (Collapse)AuthorFilesLines
2024-08-07ikev2: handoff packetsStanislav Zaikin1-0/+1
current approach saves state in per-thread data structure. in multi-worker + nat-t cases udp/500 and udp/4500 might be dispatched on different workers. this patch adds hands off packet to 1 explicit thread - 1st worker (or main thread in case there're no workers) or to thread that was explicitly set by user via configuration Type: improvement Change-Id: Ib5cd9a4b8612dfaa63b276035709524f7a492d4f Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com>
2024-05-07api: add to_net parameter to endian messagesOle Troan1-7/+7
The VPP API auto-generated endian conversion functions are intended to be symmetrical. They are used both by the API client and the API server. Called on send to convert from host endian to network endian and on receive to convert back. For variable length arrays, we have to iterate over the array and call a more specific handler for the array type. Unfortunately the length of the array is part of the api definition, and if it's endian swapped prior to the for loop, unexpected behaviour will ensue. There was an earlier fix, for some specific messages, but unfortunately that only fixed the problem from the VPP (server) side. This adds a new parameters to the endian handler, so the boundary argument to the loop can be treated differently depending on if this message is to the network or from the network. Type: fix Change-Id: I43011aed384e3b847579a1dd2c390867ae17a9ad Signed-off-by: Ole Troan <otroan@employees.org>
2024-04-23ikev2: uptimeDenys Haryachyy1-0/+173
Introduced SA and child SA uptime. Type: improvement Change-Id: I28cf9f90d35ebe035a31ed0a985a5e462c8536a8 Signed-off-by: Denys Haryachyy <garyachy@gmail.com>
2024-03-12misc: remove GNU Indent directivesDamjan Marion1-12/+0
Type: refactor Change-Id: I5235bf3e9aff58af6ba2c14e8c6529c4fc9ec86c Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-02-14ikev2: dump state and profile name in CLI and APIDenys Haryachyy1-0/+116
Type: improvement Change-Id: Ide4b45da99e3a67376281f6438997f3148be08e5 Signed-off-by: Denys Haryachyy <garyachy@gmail.com>
2021-09-29ikev2: build only when deps requirements are metFilip Tehlar1-112/+0
Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I89bcc1ba804ded676b194dbda52704cd0c54a67e
2021-03-15ikev2: support responder hostnameFilip Tehlar1-0/+32
Type: feature Ticket: VPP-1901 Change-Id: I1ad222b54363fd35679d0132d458345a9a18362c Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2021-02-16ikev2: fix coverity warningsFilip Tehlar1-19/+32
Type: fix Change-Id: Ia22b1189b82e885eb380f638ea6d05923a858f01 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2021-01-27ikev2: add per SA statsFilip Tehlar1-0/+13
Type: feature Change-Id: Ic502d806410ea3c8f3f1eac70b694114ccb053bf Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-12-14misc: move to new pool_foreach macrosDamjan Marion1-6/+6
Type: refactor Change-Id: Ie67dc579e88132ddb1ee4a34cb69f96920101772 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-11-26ikev2: better handling when no IKE DH configuredFilip Tehlar1-17/+85
Type: improvement Change-Id: I4289d20adaa3f2872889d5dbaafd9c025df8aca8 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-10-31ikev2: add option to disable NAT traversalFilip Tehlar1-1/+23
Type: feature Ticket: VPP-1935 Change-Id: I705f84047b112279377590157a1c7b4a34f693d2 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-10-05ikev2: support ipv6 traffic selectors & overlayFilip Tehlar1-11/+11
Ticket: VPP-1917 Type: feature Change-Id: Ie9f22e7336aa7807b1967c48de9843df10fb575c Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-07-24ikev2: add SA dump APIjan_cavojsky1-0/+277
Type: feature Ticket: VPP-1897 Change-Id: I0245aceeb344efd29b1f9217c35889a8bbe1f744 Signed-off-by: jan_cavojsky <Jan.Cavojsky@pantheon.tech> Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-07-20ikev2: refactor and test profile dump APIFilip Tehlar1-32/+40
Type: refactor Change-Id: I6b8dc68e5d4a452776fbaf5a69fbd7f53a8abb75 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-07-06ikev2: add profile dump APIJan Cavojsky1-0/+125
Type: feature Signed-off-by: Jan Cavojsky <Jan.Cavojsky@pantheon.tech> Change-Id: I84776a50b520134e8a3ca6ae41b4cc29009e6319
2020-04-07ikev2: make liveness params configurableFilip Tehlar1-0/+20
Introduce new cli for setting liveness check period and max retries for a peer to consider its partner dead. ikev2 set liveness <period-in-seconds> <max-retires> Type: improvement Change-Id: Iadae1de245d34fe3ee85e09b570f9df8c401772b Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-03-21ikev2: add support for custom ipsec-over-udp portFilip Tehlar1-0/+24
Type: feature Change-Id: Ifee2b3dca85ea915067b9285e3636802bf0c19a8 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-03-02ikev2: make UDP encap flag configurableFilip Tehlar1-0/+22
Type: improvement Change-Id: I081dec2dc0c2bd0845dd4638b7b2f12806594112 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-02-28ikev2: fix incorrect reply messagesFilip Tehlar1-2/+2
Type: fix Change-Id: Idd679885f42de45429a1dcbf3b0af1037dc54d2b Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-02-11ikev2: Configure a profile with an existing interfaceNeale Ranns1-0/+27
Type: feature ... rather than always creating a new interface. Change-Id: If8a22ad5a8a3a4e511bea7cab7d8bbf7e6af9433 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-12-06ikev2: use explicit api typesOle Troan1-0/+1
Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I2171ef678ecad12d681668257498a5a62004152f
2019-11-14ikev2: correct byte order in api handlersAleksander Djuric1-10/+21
Type: fix Signed-off-by: Aleksander Djuric <aleksander.djuric@gmail.com> Change-Id: I186286b8959ae138528a5171c22d3e1b00f46baf Signed-off-by: Aleksander Djuric <aleksander.djuric@gmail.com>
2019-09-27ikev2: remove api boilerplateOle Troan1-87/+5
Type: refactor Change-Id: Ib46ed3e65e75a97995a3e251d87324fec6595024 Signed-off-by: Ole Troan <ot@cisco.com>
2019-02-27IKEv2 plugin export fixesNeale Ranns1-5/+5
Change-Id: If6b0edb0dd242e0ef6953c8f4c1826eb80b9e1cc Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-02-25IKEv2 to pluginNeale Ranns1-0/+468
for easy integration with ptoducts running their own Ike stack. Without the VPP IKE plugin loaded, the product is free to handle IKE packets as it pleases. Change-Id: Id0839f4d58b797f4c2da0382eb499fc08b05f66f Signed-off-by: Neale Ranns <nranns@cisco.com>