From 282872127bbeee6ae59ab3f885c09bad601ee0cc Mon Sep 17 00:00:00 2001
From: Neale Ranns <nranns@cisco.com>
Date: Mon, 16 Dec 2019 00:53:11 +0000
Subject: ipsec: IPSec protection for multi-point tunnel interfaces

Type: feature

Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Iaba2ab11bfaa1c8db4023434e3043ac39500f938
---
 src/vnet/ip/ip_types.c     | 49 ++++++++++++++++++++++++++++++++++++++++------
 src/vnet/ip/ip_types.h     | 10 ++++++++--
 src/vnet/ip/ip_types_api.c | 36 ++++++++++++++++++++++++++++++++++
 src/vnet/ip/ip_types_api.h | 18 +++++++++--------
 4 files changed, 97 insertions(+), 16 deletions(-)

(limited to 'src/vnet/ip')

diff --git a/src/vnet/ip/ip_types.c b/src/vnet/ip/ip_types.c
index 3378da6625d..83228da3330 100644
--- a/src/vnet/ip/ip_types.c
+++ b/src/vnet/ip/ip_types.c
@@ -94,6 +94,21 @@ ip_address_size (const ip_address_t * a)
   return 0;
 }
 
+bool
+ip_address_is_zero (const ip_address_t * ip)
+{
+  switch (ip_addr_version (ip))
+    {
+    case AF_IP4:
+      return (ip_addr_v4 (ip).as_u32 == 0);
+    case AF_IP6:
+      return (ip_addr_v6 (ip).as_u64[0] == 0 &&
+	      ip_addr_v6 (ip).as_u64[1] == 0);
+      break;
+    }
+  return false;
+}
+
 int
 ip_address_cmp (const ip_address_t * ip1, const ip_address_t * ip2)
 {
@@ -155,13 +170,14 @@ ip_address_set (ip_address_t * dst, const void *src, u8 version)
   ip_addr_version (dst) = version;
 }
 
-void
-ip_address_to_46 (const ip_address_t * addr,
-		  ip46_address_t * a, fib_protocol_t * proto)
+fib_protocol_t
+ip_address_to_46 (const ip_address_t * addr, ip46_address_t * a)
 {
-  *proto = (AF_IP4 == ip_addr_version (addr) ?
-	    FIB_PROTOCOL_IP4 : FIB_PROTOCOL_IP6);
-  switch (*proto)
+  fib_protocol_t proto;
+
+  proto = (AF_IP4 == ip_addr_version (addr) ?
+	   FIB_PROTOCOL_IP4 : FIB_PROTOCOL_IP6);
+  switch (proto)
     {
     case FIB_PROTOCOL_IP4:
       ip46_address_set_ip4 (a, &addr->ip.v4);
@@ -173,6 +189,27 @@ ip_address_to_46 (const ip_address_t * addr,
       ASSERT (0);
       break;
     }
+
+  return (proto);
+}
+
+void
+ip_address_from_46 (const ip46_address_t * nh,
+		    fib_protocol_t fproto, ip_address_t * ip)
+{
+  switch (fproto)
+    {
+    case FIB_PROTOCOL_IP4:
+      clib_memset (ip, 0, sizeof (*ip));
+      ip_address_set (ip, &nh->ip4, AF_IP4);
+      break;
+    case FIB_PROTOCOL_IP6:
+      ip_address_set (ip, &nh->ip6, AF_IP6);
+      break;
+    default:
+      ASSERT (0);
+      break;
+    }
 }
 
 static void
diff --git a/src/vnet/ip/ip_types.h b/src/vnet/ip/ip_types.h
index d2927252434..dc07d23087d 100644
--- a/src/vnet/ip/ip_types.h
+++ b/src/vnet/ip/ip_types.h
@@ -46,11 +46,15 @@ typedef struct ip_address
 } __clib_packed ip_address_t;
 /* *INDENT-ON* */
 
+#define IP_ADDRESS_V4_ALL_0S {.ip.v4.as_u32 = 0, .version = AF_IP4}
+#define IP_ADDRESS_V6_ALL_0S {.ip.v4.as_u32 = 0, .version = AF_IP6}
+
 #define ip_addr_addr(_a) (_a)->ip
 #define ip_addr_v4(_a) (_a)->ip.v4
 #define ip_addr_v6(_a) (_a)->ip.v6
 #define ip_addr_version(_a) (_a)->version
 
+extern bool ip_address_is_zero (const ip_address_t * ip);
 extern int ip_address_cmp (const ip_address_t * ip1,
 			   const ip_address_t * ip2);
 extern void ip_address_copy (ip_address_t * dst, const ip_address_t * src);
@@ -60,8 +64,10 @@ extern u16 ip_address_size (const ip_address_t * a);
 extern u16 ip_version_to_size (u8 ver);
 extern u8 *format_ip_address (u8 * s, va_list * args);
 extern uword unformat_ip_address (unformat_input_t * input, va_list * args);
-extern void ip_address_to_46 (const ip_address_t * addr,
-			      ip46_address_t * a, fib_protocol_t * proto);
+extern fib_protocol_t ip_address_to_46 (const ip_address_t * addr,
+					ip46_address_t * a);
+extern void ip_address_from_46 (const ip46_address_t * a,
+				fib_protocol_t fproto, ip_address_t * addr);
 
 /* *INDENT-OFF* */
 typedef struct ip_prefix
diff --git a/src/vnet/ip/ip_types_api.c b/src/vnet/ip/ip_types_api.c
index 0f7f0e530f9..2e92e723772 100644
--- a/src/vnet/ip/ip_types_api.c
+++ b/src/vnet/ip/ip_types_api.c
@@ -163,6 +163,26 @@ ip_address_decode (const vl_api_address_t * in, ip46_address_t * out)
   return (ip_address_union_decode (&in->un, in->af, out));
 }
 
+void
+ip_address_decode2 (const vl_api_address_t * in, ip_address_t * out)
+{
+  switch (clib_net_to_host_u32 (in->af))
+    {
+    case ADDRESS_IP4:
+      clib_memset (out, 0, sizeof (*out));
+      clib_memcpy (&ip_addr_v4 (out), &in->un.ip4, sizeof (ip_addr_v4 (out)));
+      out->version = AF_IP4;
+      break;
+    case ADDRESS_IP6:
+      clib_memcpy (&ip_addr_v6 (out), &in->un.ip6, sizeof (ip_addr_v6 (out)));
+      out->version = AF_IP6;
+      break;
+    default:
+      ASSERT (!"Unknown address family in API address type");
+      break;
+    }
+}
+
 static void
 ip_address_union_encode (const ip46_address_t * in,
 			 vl_api_address_family_t af,
@@ -196,6 +216,22 @@ ip_address_encode (const ip46_address_t * in,
   ip_address_union_encode (in, out->af, &out->un);
 }
 
+void
+ip_address_encode2 (const ip_address_t * in, vl_api_address_t * out)
+{
+  switch (in->version)
+    {
+    case AF_IP4:
+      out->af = clib_net_to_host_u32 (ADDRESS_IP4);
+      ip4_address_encode (&in->ip.v4, out->un.ip4);
+      break;
+    case AF_IP6:
+      out->af = clib_net_to_host_u32 (ADDRESS_IP6);
+      ip6_address_encode (&in->ip.v6, out->un.ip6);
+      break;
+    }
+}
+
 void
 ip_prefix_decode (const vl_api_prefix_t * in, fib_prefix_t * out)
 {
diff --git a/src/vnet/ip/ip_types_api.h b/src/vnet/ip/ip_types_api.h
index a80158052b8..2035dbab6ac 100644
--- a/src/vnet/ip/ip_types_api.h
+++ b/src/vnet/ip/ip_types_api.h
@@ -40,10 +40,14 @@ extern u8 ip_dscp_encode (ip_dscp_t dscp);
 /**
  * Decode/Encode for struct/union types
  */
-extern ip46_type_t ip_address_decode (const struct _vl_api_address *in,
+extern ip46_type_t ip_address_decode (const vl_api_address_t * in,
 				      ip46_address_t * out);
 extern void ip_address_encode (const ip46_address_t * in,
-			       ip46_type_t type, struct _vl_api_address *out);
+			       ip46_type_t type, vl_api_address_t * out);
+extern void ip_address_decode2 (const vl_api_address_t * in,
+				ip_address_t * out);
+extern void ip_address_encode2 (const ip_address_t * in,
+				vl_api_address_t * out);
 extern void ip6_address_encode (const ip6_address_t * in,
 				vl_api_ip6_address_t out);
 extern void ip6_address_decode (const vl_api_ip6_address_t in,
@@ -53,15 +57,13 @@ extern void ip4_address_encode (const ip4_address_t * in,
 extern void ip4_address_decode (const vl_api_ip4_address_t in,
 				ip4_address_t * out);
 
-extern void ip_prefix_decode (const struct _vl_api_prefix *in,
-			      fib_prefix_t * out);
-extern void ip_prefix_encode (const fib_prefix_t * in,
-			      struct _vl_api_prefix *out);
+extern void ip_prefix_decode (const vl_api_prefix_t * in, fib_prefix_t * out);
+extern void ip_prefix_encode (const fib_prefix_t * in, vl_api_prefix_t * out);
 
-extern void ip_mprefix_decode (const struct _vl_api_mprefix *in,
+extern void ip_mprefix_decode (const vl_api_mprefix_t * in,
 			       mfib_prefix_t * out);
 extern void ip_mprefix_encode (const mfib_prefix_t * in,
-			       struct _vl_api_mprefix *out);
+			       vl_api_mprefix_t * out);
 
 #endif
 
-- 
cgit 1.2.3-korg