From 17dcec0b940374127f6e1e004fb3ec261a0a3709 Mon Sep 17 00:00:00 2001 From: Neale Ranns Date: Wed, 9 Jan 2019 21:22:20 -0800 Subject: IPSEC: API modernisation - use enums to enumerate the algoritms and protocols that are supported - use address_t types to simplify encode/deocde - use typedefs of entry objects to get consistency between add/del API and dump Change-Id: I7e7c58c06a150e2439633ba9dca58bc1049677ee Signed-off-by: Neale Ranns --- test/test_ipsec_esp.py | 27 +++++++++++++++++++-------- 1 file changed, 19 insertions(+), 8 deletions(-) (limited to 'test/test_ipsec_esp.py') diff --git a/test/test_ipsec_esp.py b/test/test_ipsec_esp.py index 96e4833621a..ae62aecc2ed 100644 --- a/test/test_ipsec_esp.py +++ b/test/test_ipsec_esp.py @@ -9,6 +9,7 @@ from vpp_ipsec import VppIpsecSpd, VppIpsecSpdEntry, VppIpsecSA,\ VppIpsecSpdItfBinding from vpp_ip_route import VppIpRoute, VppRoutePath from vpp_ip import DpoProto +from vpp_papi import VppEnum class TemplateIpsecEsp(TemplateIpsec): @@ -94,6 +95,7 @@ class TemplateIpsecEsp(TemplateIpsec): remote_tun_if_host = params.remote_tun_if_host addr_any = params.addr_any addr_bcast = params.addr_bcast + e = VppEnum.vl_api_ipsec_spd_action_t VppIpsecSA(self, scapy_tun_sa_id, scapy_tun_spi, auth_algo_vpp_id, auth_key, @@ -123,28 +125,32 @@ class TemplateIpsecEsp(TemplateIpsec): self.pg1.remote_addr[addr_type], self.pg1.remote_addr[addr_type], 0, - priority=10, policy=3, + priority=10, + policy=e.IPSEC_API_SPD_ACTION_PROTECT, is_outbound=0).add_vpp_config() VppIpsecSpdEntry(self, self.tun_spd, scapy_tun_sa_id, self.pg1.remote_addr[addr_type], self.pg1.remote_addr[addr_type], remote_tun_if_host, remote_tun_if_host, 0, - priority=10, policy=3).add_vpp_config() + policy=e.IPSEC_API_SPD_ACTION_PROTECT, + priority=10).add_vpp_config() VppIpsecSpdEntry(self, self.tun_spd, vpp_tun_sa_id, remote_tun_if_host, remote_tun_if_host, self.pg0.local_addr[addr_type], self.pg0.local_addr[addr_type], 0, - priority=20, policy=3, + priority=20, + policy=e.IPSEC_API_SPD_ACTION_PROTECT, is_outbound=0).add_vpp_config() VppIpsecSpdEntry(self, self.tun_spd, scapy_tun_sa_id, self.pg0.local_addr[addr_type], self.pg0.local_addr[addr_type], remote_tun_if_host, remote_tun_if_host, 0, - priority=20, policy=3).add_vpp_config() + policy=e.IPSEC_API_SPD_ACTION_PROTECT, + priority=20).add_vpp_config() def config_esp_tra(self, params): addr_type = params.addr_type @@ -158,17 +164,20 @@ class TemplateIpsecEsp(TemplateIpsec): crypt_key = params.crypt_key addr_any = params.addr_any addr_bcast = params.addr_bcast + flags = (VppEnum.vl_api_ipsec_sad_flags_t. + IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY) + e = VppEnum.vl_api_ipsec_spd_action_t VppIpsecSA(self, scapy_tra_sa_id, scapy_tra_spi, auth_algo_vpp_id, auth_key, crypt_algo_vpp_id, crypt_key, self.vpp_esp_protocol, - use_anti_replay=1).add_vpp_config() + flags=flags).add_vpp_config() VppIpsecSA(self, vpp_tra_sa_id, vpp_tra_spi, auth_algo_vpp_id, auth_key, crypt_algo_vpp_id, crypt_key, self.vpp_esp_protocol, - use_anti_replay=1).add_vpp_config() + flags=flags).add_vpp_config() VppIpsecSpdEntry(self, self.tra_spd, vpp_tra_sa_id, addr_any, addr_bcast, @@ -185,14 +194,16 @@ class TemplateIpsecEsp(TemplateIpsec): self.tra_if.local_addr[addr_type], self.tra_if.remote_addr[addr_type], self.tra_if.remote_addr[addr_type], - 0, priority=10, policy=3, + 0, priority=10, + policy=e.IPSEC_API_SPD_ACTION_PROTECT, is_outbound=0).add_vpp_config() VppIpsecSpdEntry(self, self.tra_spd, scapy_tra_sa_id, self.tra_if.local_addr[addr_type], self.tra_if.local_addr[addr_type], self.tra_if.remote_addr[addr_type], self.tra_if.remote_addr[addr_type], - 0, priority=10, policy=3).add_vpp_config() + 0, policy=e.IPSEC_API_SPD_ACTION_PROTECT, + priority=10).add_vpp_config() class TestIpsecEsp1(TemplateIpsecEsp, IpsecTraTests, IpsecTunTests): -- cgit 1.2.3-korg