From 9ec846c2684b69f47505d73ea9f873b793a11558 Mon Sep 17 00:00:00 2001
From: Neale Ranns <neale@graphiant.com>
Date: Tue, 9 Feb 2021 14:04:02 +0000
Subject: ipsec: Use the new tunnel API types to add flow label and TTL copy
 support

Type: feature

attmpet 2. this includes changes in ah_encrypt that don't use
uninitialised memory when doing tunnel mode fixups.

Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ie3cb776f5c415c93b8a5ee22f22586fd0181110d
---
 src/vnet/ipsec/ipsec_types.api | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

(limited to 'src/vnet/ipsec/ipsec_types.api')

diff --git a/src/vnet/ipsec/ipsec_types.api b/src/vnet/ipsec/ipsec_types.api
index ca1b3788e64..b47355908e7 100644
--- a/src/vnet/ipsec/ipsec_types.api
+++ b/src/vnet/ipsec/ipsec_types.api
@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-option version = "3.0.0";
+option version = "3.0.1";
 
 import "vnet/ip/ip_types.api";
 import "vnet/tunnel/tunnel_types.api";
@@ -162,6 +162,28 @@ typedef ipsec_sad_entry_v2
   u16 udp_dst_port [default=4500];
 };
 
+typedef ipsec_sad_entry_v3
+{
+  u32 sad_id;
+  u32 spi;
+
+  vl_api_ipsec_proto_t protocol;
+
+  vl_api_ipsec_crypto_alg_t crypto_algorithm;
+  vl_api_key_t crypto_key;
+
+  vl_api_ipsec_integ_alg_t integrity_algorithm;
+  vl_api_key_t integrity_key;
+
+  vl_api_ipsec_sad_flags_t flags;
+
+  vl_api_tunnel_t tunnel;
+
+  u32 salt;
+  u16 udp_src_port [default=4500];
+  u16 udp_dst_port [default=4500];
+};
+
 
 /*
  * Local Variables:
-- 
cgit 1.2.3-korg