aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2021-04-21ikev2: test responder behind NATFilip Tehlar1-29/+49
Type: test Ticket: VPP-1903 Change-Id: I7fab6931833d6e253b7b921172825387302d8f70 Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit 027d813a509be0f30e05b48b888007b0094e4faf)
2020-12-10nat: avoid hairpinning infinite loop problemElias Rudberg2-0/+100
Fix in nat44 hairpinning code to check if anything was actually changed in the snat_hairpinning() routine, and return 0 if nothing changed. This helps avoid an infinite loop repeating the three nodes nat44-hairpinning-->ip4-lookup-->ip4-local in case there was no change. Also add a corresponding test case. This is essentially a cherry-pick of change 30284 but the automatic cherry-picking did not work because of some filename changes. Type: fix Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net> Change-Id: I21a59ae7423f40abeff9fc0411330da58b3011f0
2020-12-02ikev2: fix nat traversalFilip Tehlar2-3/+48
Type: fix Change-Id: Ie723cf680745ec2292a15e2df05c1821436dba19 Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit 18107c974c24a708e309542d1dbf4a52acc70b08)
2020-11-26rdma: fixed UAR writing at txMohammed Hawari1-1/+1
Change-Id: Id81b4d27845c4e91cef90a4b8649662942d3cba1 Signed-off-by: Mohammed Hawari <mohammed@hawari.fr> Type: fix (cherry picked from commit 3ef653aa886e6a07afba106b4f03c40e392e1307)
2020-11-26ikev2: better handling when no IKE DH configuredFilip Tehlar2-34/+161
Type: improvement Change-Id: I4289d20adaa3f2872889d5dbaafd9c025df8aca8 Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit e1ab06c14deaff5cc0870f7ec76f36613ffcc2d3)
2020-11-26ikev2: fix issue when sending multiple requests at onceFilip Tehlar2-20/+68
Type: fix Change-Id: I8ed556de4370a03d10c56cce101cd5ea0d0aaf8b Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit 38340fa32c96e9c6cb1593f03117dd504efbd5f4)
2020-11-26ikev2: respect punting only for ipv4Benoît Ganne1-1/+7
IPSec punting to IKEv2 is valid only for NAT-T in IPv4. Fix coverity CID 214915. Type: fix Change-Id: I6f2db38abf179565316f50c5d47c78acce3a0d01 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit d9ed0b67866fa6b8a5f449fdb8da8d6aacb5f225)
2020-11-26ikev2: fix memleak when tunnel protect failsFilip Tehlar1-16/+35
Type: fix Change-Id: I1d278fc2b03b948c054ff1686315635ac0278ae8 Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 727082016f8822edcf40662d0059d3e8fab5e2ef)
2020-11-26ikev2: add tests for DPDFilip Tehlar1-1/+62
Type: test Change-Id: I9c1129a8596344551f3f8f2e029846d22511482e Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit 2008e314537500975acbd666e38d3fa6e7261bf5)
2020-11-26ikev2: fix msg IDs generationFilip Tehlar1-14/+16
Type: fix Change-Id: Id922895c269f0d2450e55fcb6871b6857f443462 Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit f6b02e0d0bfd7e0f1d79e8ee426f48ca37ae5ff3)
2020-11-26ikev2: fix udp encapFilip Tehlar2-9/+23
Type: fix Change-Id: I8c66f79f2d8cfff7c6d45e1fc5b529ffb3941491 Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit 67b8a7fa76d8ec2d73f1b2380e11bf8e2793448e)
2020-11-26ikev2: add option to disable NAT traversalFilip Tehlar9-34/+154
Type: feature Ticket: VPP-1935 Change-Id: I705f84047b112279377590157a1c7b4a34f693d2 Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit d7fc12f07313f9147159f2562f6fcc928af7a963)
2020-11-26ikev2: fix reply during rekeyFilip Tehlar2-44/+192
Type: fix Change-Id: If87f4b8ae92508215fe91178958fe2ddb91e5a35 Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit 68ad6258374201ba8f0dc052e6f44d6250555249)
2020-11-26ikev2: increase tick interval in process nodeFilip Tehlar1-13/+2
This helps to resolve sporadic failures in unit tests. Type: fix Change-Id: I3abd77ed74310f9729a841e8569eafe6d7758dcb Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit 761f8f0eaaf43f38fdd9d160ba19ff833de7d210)
2020-11-26ikev2: cli for disabling dead peer detectionFilip Tehlar3-2/+30
Type: feature Change-Id: I0db0a9b2f872753fa64d27335838cb34645a9ee8 Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit af4a414eb74d1456121023e6b3aa76af6c16f89a)
2020-11-26ikev2: fix memory leakFilip Tehlar1-2/+7
Type: fix Change-Id: I33c38c791cc9a28898de402ae831c4862073eb2d Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit b8bc2f1ef3332a795880f11f1c45a77b1b7851f6)
2020-11-26ikev2: support sending requests from responderFilip Tehlar4-29/+146
Type: improvement Ticket: VPP-1894 Change-Id: I5a24a48416bca2ffbd346cdaa813fb25801e6c9b Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit edf2900ac633ae0d8575b04094b1bca40e1a221f)
2020-11-26ikev2: fix setting responder/initiator addressesFilip Tehlar4-67/+95
Type: fix Change-Id: Ic406aa914d92e802a5fb0f27c2ffa1b98db012b0 Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit ec112e5a9eb708c1ee85faf569fef6fa40178294)
2020-11-26ikev2: prevent crash after no IP addressFilip Tehlar1-196/+345
Type: fix Ticket: VPP-1900 This fixes a crash when initiating IKE connection using interface without any IP address. It also ensures that the IKE connection is automatically retried once the interface obtains an address. Signed-off-by: jan_cavojsky <Jan.Cavojsky@pantheon.tech> Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: Ia1919c349e64b3a0a4198365e075e177e3ba3de5 (cherry picked from commit 6960da528443ea40b1cdab323c76f978f7b16a8b)
2020-11-26ikev2: fix initial contact cleanupFilip Tehlar2-306/+562
When looking for existing SA connection to clean up search all per thread data, not only current one. Type: fix Change-Id: I59312e08a07ca1f474b6389999e59320c5128e7d Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit e7c8396982607634b4c747870499671ffa53868e)
2020-11-26ikev2: fix coverity warningFilip Tehlar1-5/+21
Type: fix Change-Id: Iee96b3ea3e71ec248c3c3c98d153a08372b5faf0 Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit dc6378f71bc7c9835845a91dbbc1646ea46df51e)
2020-11-26ikev2: fix memory leak in auth routineFilip Tehlar1-0/+4
Type: fix Change-Id: I93529b069925fcef32cdb22e27975b802b4c3b97 Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit 623d87fd39c53e2f4d8718014e76836fe07c4245)
2020-11-26ikev2: support ipv6 traffic selectors & overlayFilip Tehlar11-380/+695
Ticket: VPP-1917 Type: feature Change-Id: Ie9f22e7336aa7807b1967c48de9843df10fb575c Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit 84962d19ba76eafd5c7658aa86ec61c9b81f7702)
2020-11-26ikev2: refactor ikev2 nodeFilip Tehlar1-407/+359
Type: refactor Change-Id: I65acbd5d9724c500a24699de973df08016d9d8d6 Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit 3434cb8fe379791050a85617775bb518cdd0eb5d)
2020-11-26ikev2: better packet parsing functionsFilip Tehlar7-274/+596
Ticket: VPP-1918 Type: improvement Change-Id: I2bc3e30121697404dcd54f1c2127bd85ccc1029e Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit 558607dc3a96232191f413b9bc894524ff85f2a1)
2020-11-26ikev2: show IKE SA command improvementsFilip Tehlar1-95/+169
Ticket: VPP-1898 Type: improvement Change-Id: I1c56df331965c733a2d0eae63a12d5a4ee5a2e41 Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit 90690f1e8f39904990b4eeeb7851b248a9c908f3)
2020-11-26dns: use correct per-thread vlib_mainBenoît Ganne4-60/+63
Using vlib_main of another thread is prohibited. Type: fix Change-Id: I7ae294dfaf2526738e91408c9b4865ef9f801b8a Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 7483a7272d15354486371be7a20c4bf35ab2eb38)
2020-11-25dns: fix double-unlockBenoît Ganne1-12/+0
dns cache should no longer be unlocked by caller. Type: fix Fixes: 84a563ae4050cc0389dcd438fbe9ea882f2b8404 Change-Id: I3708718ae8f00e4e4f4e04381caa0095c8494b82 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 2113c7f28b154df16af3637f67484971759a00a7)
2020-11-13crypto-native: fix multi-arch variant initializationRay Kinsella1-4/+0
crypto_native/main.h is being built as default, and crypto_native_main is initialized with a size of 64 bytes. crypto_native/aes_gcm.c and crypto_native/aes_cbc.c are march variants, their ICL variants are expecting crypto_native_main to be 256 bytes. Type: fix Signed-off-by: Georgii Tkachuk <georgii.tkachuk@intel.com> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Signed-off-by: Ray Kinsella <mdr@ashroe.eu> Change-Id: I4cddb75b712ea83c9cfca621887605d7bae104ec
2020-11-12af_xdp: fix NUMA node parsingBenoît Ganne1-11/+9
Non-NUMA systems might report -1 as NUMA node. Type: fix Change-Id: I092c817ea670009d6f530cc70ad13d45e15fd363 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 4317b8efb1c4a4163b2585b9abd71ec38cd0862c)
2020-11-12wireguard: reset secret data before freeing itBenoît Ganne1-4/+4
Type: fix Change-Id: I880bdd55ae5da0b9775a3fb548d44512348a7bc6 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 2531d50101991011fb1c7755d48f11b41f092628)
2020-11-12svm: fix fifo unit testBenoît Ganne1-4/+6
- fix fifo initialization overflowing chunk size - stick to the default base virtual address to initialize fifo. ASAN can be picky about address space Type: fix Change-Id: If9a29138d2c207859d72845e928290c808c4a982 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 07b94558087facbb16c0fa82a79fcbbd9b44c485)
2020-11-12ikev2: fix cli memory leakBenoît Ganne1-30/+40
Type: fix Change-Id: Ibdd83fa336427ec0c66224ecebb1b6bd36d1d1ba Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 1f6a6b8b2b4efd4d6735ffd6fa683a0190f232e2)
2020-11-12rdma: add RSS support for IPv6 and TCPBenoît Ganne2-32/+58
Type: feature Change-Id: I8b0d918e6f13325954b29bf34e4ef224c1315c51 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 91603958d1d4fc3114739f9b264808940942e5c8)
2020-11-12af_xdp: add option to claim all available rx queuesBenoît Ganne6-38/+55
Type: feature Change-Id: I97176c2c90ea664a68078b3a7b7d44eb237a7f13 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit d4e109138279fcfbfce9d82384f0fa53b8f43ae1)
2020-11-05rdma: various fixes for chained buffers txMohammed Hawari1-14/+19
Type: fix Signed-off-by: Mohammed Hawari <mohammed@hawari.fr> Change-Id: I428c87e581db335362fef30e274db8947a896416 (cherry picked from commit a210433d534fe0039ddc2a9aa9840895aef0405d)
2020-10-14ikev2: fix leaking pending INIT requestsFilip Tehlar1-0/+16
.. when associated profile is deleted. Type: fix Change-Id: Ib05831d79b3b58664ee0a930960513fd465373bf Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit 6614df53509030f1c3faf52512bcd8a9851dec5c)
2020-10-14ikev2: fix issue when decrypting packet with no keysFilip Tehlar1-1/+1
Type: fix Change-Id: I0e615d5089587992012a0f280ee902b2906f21c2 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-09-30ikev2: fix false positive NAT detectionFilip Tehlar1-18/+13
Type: fix Change-Id: Id7f865f537c55d00a784eec51624ba28e903a083 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-09-29ikev2: fix memory leaksBenoît Ganne2-3/+21
Type: fix Change-Id: I5be19a4923b37e2636621d36155178ac348ee41c Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit a8af7cf253c4e8ab9ba1a2cfed50f6236fea3a62)
2020-09-25misc: documentation fixesAndrew Yourtchenko1-1/+1
Change-Id: Id7ae7bbc53e89777892b973008baa93f1a083aac Type: docs Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2020-09-24wireguard: fix uninitialized peer index in handoffFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I41513b9aa6ca0db1fb9392a15e5ac329a635ebfa
2020-09-24wireguard: add handoff nodeArtem Glazychev18-448/+889
All timer and control plane functions happen from main thread Type: fix Change-Id: I4fc333c644485cd17e6f426493feef91688d9b24 Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> (cherry picked from commit 8eb69407c8075e101b773d5a27ea21bd3fc906d7)
2020-09-23avf: wrong argument passed to avf_log_errSteven Luong1-1/+1
Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Ica4601c9d17e182cbc348989a9f75ab1cb18b78a (cherry picked from commit ba3a20082d8e17388bfeca6c2b422e3a11a4eb69)
2020-09-16vmxnet3: gso fixesSteven Luong4-13/+29
outbound: wrong header len computation gso size and header length need to be set in the first segment of the chain inbound: EOP may have zero length descriptor to terminate the chain missing endian conversion for ethertype Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Iaa003c0e9af3ead4df6c6c0d5772a179d2ff15c4 (cherry picked from commit 007abe751f2ee86528d0ccc005a3da1c90850868)
2020-09-16avf: change promisc mode from the avf process nodeDamjan Marion2-7/+26
Avoid situations where promisc mode is chaged while avf process is suspended in the middle of adminq operation. Type: fix Change-Id: Ia1fc6551e83218b5938630ad3a15d4f3f0ceceff Signed-off-by: Damjan Marion <damarion@cisco.com> (cherry picked from commit 160a2a9a8c5c4e054dcc0e8ebeb3de7654718582)
2020-09-16avf: fix race between avf and cli/api processDamjan Marion6-35/+43
device pool my grow during suspemd which will cause crash in avf process after it exits from suspend. Type: fix Change-Id: I51fec90088c909cfbaaca6c245272a28c0827ca0 Signed-off-by: Damjan Marion <damarion@cisco.com> (cherry picked from commit 171d6aceb039a7f0b0d67c837ff74359dae01ae4)
2020-09-16api: clean up use of deprecated flagOle Troan3-13/+13
The syntax of the deprecated flag has evolved. Clean up usage to be "option deprecated;". Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: If2b639f275eb8db58b36c457f9245fe35a4d8cb1 (cherry picked from commit f916414b383afd37ec78509ee613df8878160406)
2020-09-16avf: add assert to ensure that adminq is used only from avf processDamjan Marion1-0/+5
Type: improvement Change-Id: Ib64c9b8207776986656e5a26c13a221edc6cc950 Signed-off-by: Damjan Marion <damarion@cisco.com> (cherry picked from commit 698eeb126d01427313949241b961c27347db8c72)
2020-09-16wireguard: Fix for tunnel encapNeale Ranns7-89/+468
Type: fix add UT for sneding handshale init and transport packets Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Iab1ed8864c666d5a0ae0b2364a9ca4de3c8770dc (cherry picked from commit d75a2d12c431fcffba2a2b4d59f18c9cec483ed9)