Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: Ie42b26e6d5cdb7b23f370ea2933c65079e8d1089
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
hard code IV and key lengths based on cipher.
Init IV from random data, use AES instruction to rotate.
Change-Id: I13a6507d12267b823c528660a903787baeba47a0
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
A plugin to use Intel IPSec MB library as a VPP crypto engine
This changes uses concepts from:
https://gerrit.fd.io/r/#/c/17301/
hence that author's work is acknowledge below
Change-Id: I2bf3beeb10f3c9706fa5efbdc9bc023e310f5a92
Signed-off-by: Neale Ranns <nranns@cisco.com>
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
refactor the IPSEC tests a bit so we can parameterise
the setup.
Change-Id: I777e5eb8f29ca1dce3dd273ebd05dae5846790af
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I8c03c4aa90fb0056e11e0f234999c25d7839d759
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I925aa5bf9472e81f98072d63df499b19e6ddf43d
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Iff6f81a49b9cff5522fbb4914d47472423eac5db
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: If76992e283a27fa193a6865257ab3aa764066e48
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Idb661261c2191adda963a7815822fd7a27a9e7a0
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Idfc05cd0e09b50a26eaf747b7c49f720b009159a
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I48a4b0a16f71cbab04dd0955d3ec4001074b57ed
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I0b47590400aebea09aa1b27de753be638e1ba870
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Ic1b657794d23cb4d1664fc749ad2468339e376df
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Icdcbac7453baa837a9c0c4a2401dff4a6aa6cba0
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Icf83c876d0880d1872b84e0a3d34be654b76149f
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I63741a22bc82f5f861e1c0f26a93b5569cc52061
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I2018d8367bb010e1ab30d9c7c23d9501fc38a2e5
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ib828ea5106f3ae280e4ce233f2462dee363580b7
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ib73352d6be26d639a7f9d47ca0570a1248bff04a
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I4d3ba18ab5205317219989de55b6e50d3b1d8a79
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Iec7da9adc970d005cd7d3d42839b5e51b0b5f5c3
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I6527e3fd8bbbca2d5f728621fc66b3856b39d505
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I81ecdf9fdcfcb017117b47dc031f93208e004d7c
Signed-off-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I517a7bdae03abfea58451819e7854974397d77f8
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Ibe7f806b9d600994e83c9f1be526fdb0a1ef1833
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Icdf51b094c34725c079d2e4acbb955744434302d
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Iad6c4b867961ec8036110a4e15a829ddb93193ed
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I27f24095309082363ba0d0ba4bd69e2c0741dc1c
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Id546c56a4904d13d4278055f3c5a5e4548e2efd0
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I6a76907dc7bed2a81282b63669bea2219d6903c9
Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
This reverts commit 785368e559dbdf50676f74f43f13423c817abb52.
Change-Id: I782ac2be4e161790c73ccd4b08492e2188a6d79d
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
p is overwritten by hash_unset so an incorrect value is passed to
ipsec_sa_del
Change-Id: I97300dd4421c62d7cfa47b8e7e9789becb2370e9
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Ie8986bd3652d25c4befe681cea77df95aba37ebc
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
ipsec_tunnel_if_init might be called before ipsec_init
this memset in ipsec-init therefore zero the memory
allocated by ipsec_tunnel_if_init
Change-Id: Ie889f1bf624c76842ef77e5a51ed1d41fed4758d
Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
|
|
Change-Id: Ibf320b3e7b054b686f3af9a55afd5d5bda9b1048
Signed-off-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Change-Id: I4bfde738f9585b045cb5ba62cf51b141d639b1b2
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I5e981f12ff44243623cfd18d5e0ae06a7dfd1eb8
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Ifd34aed8692d5acaa370d4976d974ac573e43705
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I9c45f390a6454c114f12f9c46c3a93fcecffa73f
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
1. fix wrong assignemnt of lik/rik
2. keys initialized to 0, to avoid using random data
in stack. could cause memory overlapped then crash
3. show sa->id in hex format
Change-Id: Id0430aa49bb55c27cee4f97f8c0e4ec87515dcd2
Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
|
|
1. changed to vlib_buffer_enqueue_to_next
2. error counter fixes; stats added to last_sw_if_index
when interface changed
3. udp-encap support
Change-Id: I70b0814aa37181fea4d70fa3c96c608adb5afe49
Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
|
|
Change-Id: I1e431aa36a282ca7565c6618a940d591674b8cd2
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
baseline:
ipsec0-tx 1.27e1
ipsec-if-input 8.19e1
this change:
ipsec0-tx 6.17e0
ipsec-if-input 6.39e1
this also fixes the double tunnel TX counts by removing the duplicate
from the TX node.
Change-Id: Ie4608acda08dc653b6fb9e2c85185d83625efd40
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
ipsec_proto_main moved to ipsec.c
fix missing '\0' of backend name
Change-Id: I90760b3045973a46792c2f098d9b0b1b3d209ad0
Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
|
|
Change-Id: I262a9412951b5df616920a8fad16c61eae96d0cc
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
also fix the stats to include all the data in the tunnel.
And don't load the SA.
Change-Id: I7cd2e8d879f19683175fd0de78a606a2836e6da2
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I5ef8b3f4be40a7a0b0f1cb90dc0e15a4711e8664
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
for easy integration with ptoducts running their own Ike stack.
Without the VPP IKE plugin loaded, the product is free to handle
IKE packets as it pleases.
Change-Id: Id0839f4d58b797f4c2da0382eb499fc08b05f66f
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I7d48a4e236c6e7b11b0c9750a30fb68e829d64a5
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: If884a3840f34090e33ce7808d38e50f919290d9f
Signed-off-by: Neale Ranns <nranns@cisco.com>
|