summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2020-02-25vlib: Punt reason allocation listener enable/disable callbackNeale Ranns8-29/+122
Type: improvement allow clients that allocate punt reasons to pass a callback function that is invoked when the first/last client registers to use/listen on that punt reason. This allows the client to perform some necessary configs that might not otherwise be enabled. IPSec uses this callback to register the ESP proto and UDP handling nodes, that would not otherwise be enabled unless a tunnel was present. Change-Id: I9759349903f21ffeeb253d4271e619e6bf46054b Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-02-25crypto: fix coverity warningsFilip Tehlar1-2/+3
Type: fix Change-Id: I89c0923ad6ac1daf65b2d24ad4b6f00b7703e58e Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-02-25crypto-openssl: fix coverity warningsFilip Tehlar1-5/+5
Type: fix Change-Id: Ia42ff39a0a33f89901b8333a9e6ca82ca9805cc6 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-02-25ikev2: add retry logic for session initiationFilip Tehlar1-0/+27
Type: improvement Change-Id: Ib474dabb745bc2034d8d60261c095e35a8fff277 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-02-24tcp: dynamic max timers per loopFlorin Coras2-3/+22
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: If0a634c277d4f8e4d32321f52253721a990bdb1d
2020-02-24crypto-native: introduce aes_gcm_flags_tDamjan Marion1-84/+107
Type: refactor Change-Id: I53b4a9c0b63e6e6c6a13c33c5baa4c3de562584b Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-02-24crypto-native: introduce counter structDamjan Marion1-44/+51
Type: refactor Change-Id: I9ecc18ba3ec5f11622ea225690fb1dc262ea6fc1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-02-24vlib: Alias RX or TX to directionNeale Ranns1-0/+8
Type: improvement for those that find that name usefull. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I6c99bcdbb10ca1615aeea6924c2d93a68b5b7684
2020-02-24vppinfra: correct fixed pool header size calculationDave Barach1-3/+1
Remove duplicate space allocation for the pool header. Not significant w/ CLIB_CACHE_LINE_BYTES >= 64 since the code rounds the size of the pool header to an even multiple of the cache line size. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I923f2a60e7565cf2dfbc18d78264bf82ff30c926
2020-02-24ethernet: trivial additionsNeale Ranns2-0/+9
Type: improvement - macros to identify SENDER and TARGET in ARP header - count the number of bits set in a mac_address Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Id31e27a4f5f01a8cfb70d3798416bb2519981654
2020-02-24l2: remove unused types and includes form feature arc codeNeale Ranns2-26/+0
Type: improvement Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ia441c069afe79ccd6428159df944d4c1d10a992d
2020-02-24ikev2: proper cleanup of SAs during rekeyFilip Tehlar2-11/+115
Type: fix Change-Id: Ifb675c7783f03de4db8147858dd93d9687176f40 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-02-24crypto-native: inverse Hi so it naturally fits into 512-bit registerDamjan Marion2-30/+34
Type: refactor Change-Id: I0c6ca9356af179abd0a414b356dea7e3a3eb0dd6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-02-24crypto-native: replace aesni with aesDamjan Marion1-137/+134
This code also works on ARM so let's not use intel term.... Type: refactor Change-Id: Ie51d4359a83f2bf7a61c4861d486b7d009fc8057 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-02-24crypto-native: do not overwrite data after partial tagDamjan Marion1-1/+1
Type: fix Change-Id: I01de5f8813faff5406ccf67c21c42393c8648af6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-02-23session: include timer generated packets in max burstFlorin Coras1-1/+2
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ic9174c92ab05b58e62b00999fe9cbf4e9292d43e
2020-02-23session: minimize number of tx eventsFlorin Coras1-8/+21
Type: improvement Unset fifo tx event only if all data has been dequeued. Avoids frequent re-scheduling of sessions as new sessions. Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I36a4c90b97e0255b88782032fb029640e6a73e90
2020-02-23vppinfra: deprecate CLIB_VEC64Dave Barach3-382/+0
Type: refactor Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Id1e7c0926036db4601c91438397ceed22381fc07
2020-02-22tcp: remove useless predictionSimon Zhang1-3/+1
Type: fix Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com> Change-Id: Ie2dc2653baec92347eb2cbcd197a2e5ec6a80c79
2020-02-21ikev2: cleanup tunnels after subsequent sa-initFilip Tehlar1-0/+5
Type: fix Change-Id: I44e51bc37ff43999290d97fceb5f94b7c64041ec Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-02-21gbp: Coverity warnings for unitialized variablesNeale Ranns2-0/+3
Type: fix Change-Id: If74ad528e68f45b00719295388e0e1399452ef93 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-02-21fib: Uninitialised pad in the prefix (coverity warning)Neale Ranns1-0/+2
Type: fix Change-Id: Ia61d6fbf6e80977f83f1f6672e5e83b52ddeb0e5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-02-21ipsec: IPSec protection for multi-point tunnel interfacesNeale Ranns18-167/+661
Type: feature Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Iaba2ab11bfaa1c8db4023434e3043ac39500f938
2020-02-21ipip: Unintialized return variable (coverity warning)Neale Ranns1-0/+1
Type: fix Change-Id: I008f23b5f0c7269ddd35cc747a867240fbe9c49b Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-02-21ip: Unintialized variables in prefx setup (coverity warning)Neale Ranns2-0/+2
Type: fix Change-Id: I048c9ed423ca2993d2179cdce364ac98980311bb Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-02-21dhcp: update secondary radv_info structuresDave Barach3-27/+122
For details, see the Jira ticket below. Fix gerrit 23350. Type: fix Fixes: 28a6eb7 Ticket: VPP-1840 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Ic9248734bb330eadb302f8410e8db9c64723f075
2020-02-21vrrp: fix coverity errorsMatthew Smith2-1/+12
Type: fix Fixes: 39e9428b90 Fix warnings about potential problems with an implicit type cast and a null pointer dereference. Change-Id: I8c8d220e79ba45b62ba783cfe53cb49eef175fc8 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2020-02-20tcp: fix coverity warning in btFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4153a9a377b8b1da1366a94ff791ad99617b7a6d
2020-02-20lisp: fix coverity warningsFlorin Coras1-0/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie060b25b5e8c85d9b2037e300723a2b6023c65d1
2020-02-20hsa: cleanup vpp_echo JSON outputDave Wallace1-4/+8
- Fix invalid json syntax - Add bits_per_second rx/tx fields Type: fix Change-Id: I4100245b01093e99a6c7def16cd83572ab033e24 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2020-02-20dpdk: rx checksum offloadFlorin Coras1-0/+8
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I5a3e3a41dcc60c0d9b291e51bb112e7701f73050
2020-02-20fib: adjacency midchain teardown (VPP-1841)Neale Ranns3-5/+40
Type: fix Change-Id: I57f8bfbce4feed9d2775875cb8b1b729a47900a4 Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit 24064d02aa9810ebc64c16dc778a179bb0ef5483)
2020-02-20nat: user deletion function & extra metricsFilip Varga4-0/+272
Type: improvement Signed-off-by: Filip Varga <fivarga@cisco.com> Change-Id: Ia5dbfe864c18e953ff49147a9a4684d2ca14b96e
2020-02-20ip-neighbor: Fix aging timeoutVladimir Isaev1-12/+19
Before this patch VPP checked age for ARP/NDP records every 1e5 seconds for any configured aging time. This is 27 hours and it looks like misprint because 1e5 is the number of 10us ticks in a second. Also time to wait is now difference between aging time and time alive for nodes in alive state. Type: fix Signed-off-by: Vladimir Isaev <visaev@netgate.com> Change-Id: Ib5baa85032a44402d5f48c1145245260a42c7bae
2020-02-20map: honor pre-resolve param in map-tAlexander Chernavin6-30/+154
With this commit, forward the translated packet directly to the specified next-hop if pre-resolve param is enabled in MAP-T. Type: fix Change-Id: Ie26080c7820318c7982599577a4af6e4d01a0574 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2020-02-20map: honor icmp6-unreachables param in map-tAlexander Chernavin2-2/+47
With this commit, send ICMPv6 unreachable messages back if security check fails and icmp6-unreachables param enabled in MAP-T. Type: fix Change-Id: I9a8869df7763c764a1672e3faa1fde8dc13ec85a Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2020-02-20nat: avoid running pointless session cleanupsKlement Sekera3-11/+33
Save the next session timeout when sweeping sessions for cleanup so that we can avoid unnecessary runs of the sweeping algorithm. Type: fix Change-Id: I736d00f2dfe242af10f963fbe34b11128f8b0613 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-02-20nat: nat44 split slow and fast pathFilip Varga2-1080/+339
Type: improvement Change-Id: I07c7e1c154583906ac9af958f22ed9a1be382f4a Signed-off-by: Filip Varga <fivarga@cisco.com>
2020-02-20ikev2: fix logging initFilip Tehlar1-3/+2
Type: fix Change-Id: I76bed5ce2df897d0e8e822ee1244018b0e39494d Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-02-20fib: fib path realloc during midchain stackNeale Ranns1-9/+13
Type: fix Change-Id: I0677f46dfa22c8abab7f311230a09ef1cd8ac335 Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit 02d5a67d39cbb8f1865227afdc79533578067b8d)
2020-02-20tls: need to use thread id to fetch the eventYu Ping1-2/+1
Type: fix Change-Id: I429351f04a2865be4a289a3021277f9b2ced902b Signed-off-by: Yu Ping <ping.yu@intel.com>
2020-02-19tcp: fix syn-sent resetFlorin Coras1-2/+2
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2799ac9723ec3e7effe910bba401fc486c552cac
2020-02-19tls: handle disconect and reset in async modeYu Ping4-14/+48
Type: fix When async is enabled and request is inflight, delay close oepration Change-Id: I713078fe9832c1599e8860fc0a6bb98588f20943 Signed-off-by: Yu Ping <ping.yu@intel.com>
2020-02-18devices: netlink: add more error loggingMohsin Kazmi1-10/+50
Type: improvement Change-Id: I4d8ca04840845e1ba631e4260e155df2486155e6 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-02-18misc: deprecating the pluginFlorin Coras15-8618/+0
Type: refactor Not maintained Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I5568ecf1161b63cd0f314e2b1503e350e214e51b
2020-02-18crypto: show crypto handlers re-designFilip Tehlar2-24/+37
Type: improvement Show simple and chained handler details on a single line. Change-Id: I5ad807a4d3608fc38c1134f564755d5751c30070 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-02-18crypto: add support for testing quad loops in crypto algosFilip Tehlar5-97/+504
This patch adds support for test cases with arbitrary long plaintext. Type: feature Change-Id: I48cd3642e30cc49eabc196c45d7f73c484e93057 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-02-18tcp: add fib to connection cli outputFlorin Coras1-2/+2
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I3de653fd90b8030125b627f751c7fb665ade5aee
2020-02-18crypto: add chained buffer support in ipsecmb (AES-GCM)Filip Tehlar1-0/+83
Type: feature Change-Id: Ia65caf38988c7e860e6d028f93659916825ef16b Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-02-18vrrp: do not define _details as autoreplyVratko Polak1-4/+3
Without this, _details_reply messages also end up defined; which is not intended, as there are no _details_t_handler functions. Type: fix Fixes: 39e9428b90bc74d1bb15fc17759c8ef6ad712418 Change-Id: Id052b00b00623ca92e5ddce4cc5e1bdfbb1031db Signed-off-by: Vratko Polak <vrpolak@cisco.com>
an> self.send_and_expect(self.pg0, p6*11, self.pg1) for p in rx: self.validate(p[1], p6_reply) # IPv4 in to IPv6 tunnel p4 = (p_ether / p_ip4 / p_payload) p4_reply = (IPv6(src=self.pg0.local_ip6, dst=self.pg1.remote_ip6, hlim=63, tc=42) / p_ip4 / p_payload) p4_reply[1].ttl -= 1 rx = self.send_and_expect(self.pg0, p4*11, self.pg1) for p in rx: self.validate(p[1], p4_reply) # Decapsulation p_ether = Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac) # IPv6 tunnel to IPv4 p_ip4 = IP(src="1.2.3.4", dst=self.pg0.remote_ip4) p4 = (p_ether / IPv6(src=self.pg1.remote_ip6, dst=self.pg0.local_ip6) / p_ip4 / p_payload) p4_reply = (p_ip4 / p_payload) p4_reply.ttl -= 1 rx = self.send_and_expect(self.pg1, p4*11, self.pg0) for p in rx: self.validate(p[1], p4_reply) # IPv6 tunnel to IPv6 p_ip6 = IPv6(src="1:2:3::4", dst=self.pg0.remote_ip6) p6 = (p_ether / IPv6(src=self.pg1.remote_ip6, dst=self.pg0.local_ip6) / p_ip6 / p_payload) p6_reply = (p_ip6 / p_payload) p6_reply.hlim = 63 rx = self.send_and_expect(self.pg1, p6*11, self.pg0) for p in rx: self.validate(p[1], p6_reply) def test_ipip_create(self): """ ipip create / delete interface test """ rv = self.vapi.ipip_add_tunnel( src_address=inet_pton(AF_INET, '1.2.3.4'), dst_address=inet_pton(AF_INET, '2.3.4.5'), is_ipv6=0) sw_if_index = rv.sw_if_index self.vapi.ipip_del_tunnel(sw_if_index) if __name__ == '__main__': unittest.main(testRunner=VppTestRunner)