Code Review
/
csit.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
feat(api): Use newest API messages after rls2402
[csit.git]
/
resources
/
libraries
/
python
/
IPsecUtil.py
diff --git
a/resources/libraries/python/IPsecUtil.py
b/resources/libraries/python/IPsecUtil.py
index
07caad0
..
214764d
100644
(file)
--- a/
resources/libraries/python/IPsecUtil.py
+++ b/
resources/libraries/python/IPsecUtil.py
@@
-36,7
+36,8
@@
from resources.libraries.python.VPPUtil import VPPUtil
from resources.libraries.python.FlowUtil import FlowUtil
from resources.libraries.python.FlowUtil import FlowUtil
-IPSEC_UDP_PORT_NONE = 0xffff
+IPSEC_UDP_PORT_DEFAULT = 4500
+IPSEC_REPLAY_WINDOW_DEFAULT = 64
def gen_key(length):
def gen_key(length):
@@
-450,7
+451,7
@@
class IPsecUtil:
src_addr = u""
dst_addr = u""
src_addr = u""
dst_addr = u""
- cmd = u"ipsec_sad_entry_add"
+ cmd = u"ipsec_sad_entry_add
_v2
"
err_msg = f"Failed to add Security Association Database entry " \
f"on host {node[u'host']}"
sad_entry = dict(
err_msg = f"Failed to add Security Association Database entry " \
f"on host {node[u'host']}"
sad_entry = dict(
@@
-471,8
+472,9
@@
class IPsecUtil:
dscp=int(IpDscp.IP_API_DSCP_CS0),
),
protocol=int(IPsecProto.IPSEC_API_PROTO_ESP),
dscp=int(IpDscp.IP_API_DSCP_CS0),
),
protocol=int(IPsecProto.IPSEC_API_PROTO_ESP),
- udp_src_port=4500, # default value in api
- udp_dst_port=4500 # default value in api
+ udp_src_port=IPSEC_UDP_PORT_DEFAULT,
+ udp_dst_port=IPSEC_UDP_PORT_DEFAULT,
+ anti_replay_window_size=IPSEC_REPLAY_WINDOW_DEFAULT,
)
args = dict(entry=sad_entry)
with PapiSocketExecutor(node) as papi_exec:
)
args = dict(entry=sad_entry)
with PapiSocketExecutor(node) as papi_exec:
@@
-547,7
+549,7
@@
class IPsecUtil:
IPsecSadFlags.IPSEC_API_SAD_FLAG_IS_TUNNEL_V6
)
IPsecSadFlags.IPSEC_API_SAD_FLAG_IS_TUNNEL_V6
)
- cmd = u"ipsec_sad_entry_add"
+ cmd = u"ipsec_sad_entry_add
_v2
"
err_msg = f"Failed to add Security Association Database entry " \
f"on host {node[u'host']}"
err_msg = f"Failed to add Security Association Database entry " \
f"on host {node[u'host']}"
@@
-569,8
+571,9
@@
class IPsecUtil:
dscp=int(IpDscp.IP_API_DSCP_CS0),
),
protocol=int(IPsecProto.IPSEC_API_PROTO_ESP),
dscp=int(IpDscp.IP_API_DSCP_CS0),
),
protocol=int(IPsecProto.IPSEC_API_PROTO_ESP),
- udp_src_port=4500, # default value in api
- udp_dst_port=4500, # default value in api
+ udp_src_port=IPSEC_UDP_PORT_DEFAULT,
+ udp_dst_port=IPSEC_UDP_PORT_DEFAULT,
+ anti_replay_window_size=IPSEC_REPLAY_WINDOW_DEFAULT,
)
args = dict(entry=sad_entry)
with PapiSocketExecutor(node, is_async=True) as papi_exec:
)
args = dict(entry=sad_entry)
with PapiSocketExecutor(node, is_async=True) as papi_exec:
@@
-1227,7
+1230,7
@@
class IPsecUtil:
# Configure IPSec SAD entries
ckeys = [bytes()] * existing_tunnels
ikeys = [bytes()] * existing_tunnels
# Configure IPSec SAD entries
ckeys = [bytes()] * existing_tunnels
ikeys = [bytes()] * existing_tunnels
- cmd = u"ipsec_sad_entry_add"
+ cmd = u"ipsec_sad_entry_add
_v2
"
c_key = dict(
length=0,
data=None
c_key = dict(
length=0,
data=None
@@
-1255,8
+1258,9
@@
class IPsecUtil:
dscp=int(IpDscp.IP_API_DSCP_CS0),
),
salt=0,
dscp=int(IpDscp.IP_API_DSCP_CS0),
),
salt=0,
- udp_src_port=IPSEC_UDP_PORT_NONE,
- udp_dst_port=IPSEC_UDP_PORT_NONE,
+ udp_src_port=IPSEC_UDP_PORT_DEFAULT,
+ udp_dst_port=IPSEC_UDP_PORT_DEFAULT,
+ anti_replay_window_size=IPSEC_REPLAY_WINDOW_DEFAULT,
)
args = dict(entry=sad_entry)
for i in range(existing_tunnels, n_tunnels):
)
args = dict(entry=sad_entry)
for i in range(existing_tunnels, n_tunnels):
@@
-1466,7
+1470,7
@@
class IPsecUtil:
]
)
# Configure IPSec SAD entries
]
)
# Configure IPSec SAD entries
- cmd = u"ipsec_sad_entry_add"
+ cmd = u"ipsec_sad_entry_add
_v2
"
c_key = dict(
length=0,
data=None
c_key = dict(
length=0,
data=None
@@
-1494,8
+1498,9
@@
class IPsecUtil:
dscp=int(IpDscp.IP_API_DSCP_CS0),
),
salt=0,
dscp=int(IpDscp.IP_API_DSCP_CS0),
),
salt=0,
- udp_src_port=IPSEC_UDP_PORT_NONE,
- udp_dst_port=IPSEC_UDP_PORT_NONE,
+ udp_src_port=IPSEC_UDP_PORT_DEFAULT,
+ udp_dst_port=IPSEC_UDP_PORT_DEFAULT,
+ anti_replay_window_size=IPSEC_REPLAY_WINDOW_DEFAULT,
)
args = dict(entry=sad_entry)
for i in range(existing_tunnels, n_tunnels):
)
args = dict(entry=sad_entry)
for i in range(existing_tunnels, n_tunnels):
@@
-2033,10
+2038,8
@@
class IPsecUtil:
:param node: DUT node.
:type node: dict
"""
:param node: DUT node.
:type node: dict
"""
- cmds = [
- u"ipsec_sa_v4_dump"
- ]
- PapiSocketExecutor.dump_and_log(node, cmds)
+ cmd = "ipsec_sa_v5_dump"
+ PapiSocketExecutor.dump_and_log(node, [cmd])
@staticmethod
def vpp_ipsec_flow_enale_rss(node, proto, type, function="default"):
@staticmethod
def vpp_ipsec_flow_enale_rss(node, proto, type, function="default"):