- ipsec_add_del_tunnel_args_t tun;
-
- clib_memset (&tun, 0, sizeof (ipsec_add_del_tunnel_args_t));
-
- tun.is_add = mp->is_add;
- tun.esn = mp->esn;
- tun.anti_replay = mp->anti_replay;
- tun.local_spi = ntohl (mp->local_spi);
- tun.remote_spi = ntohl (mp->remote_spi);
- tun.crypto_alg = mp->crypto_alg;
- tun.local_crypto_key_len = mp->local_crypto_key_len;
- tun.remote_crypto_key_len = mp->remote_crypto_key_len;
- tun.integ_alg = mp->integ_alg;
- tun.local_integ_key_len = mp->local_integ_key_len;
- tun.remote_integ_key_len = mp->remote_integ_key_len;
- tun.udp_encap = mp->udp_encap;
- tun.tx_table_id = ntohl (mp->tx_table_id);
- memcpy (&tun.local_ip, mp->local_ip, 4);
- memcpy (&tun.remote_ip, mp->remote_ip, 4);
- memcpy (&tun.local_crypto_key, &mp->local_crypto_key,
- mp->local_crypto_key_len);
- memcpy (&tun.remote_crypto_key, &mp->remote_crypto_key,
- mp->remote_crypto_key_len);
- memcpy (&tun.local_integ_key, &mp->local_integ_key,
- mp->local_integ_key_len);
- memcpy (&tun.remote_integ_key, &mp->remote_integ_key,
- mp->remote_integ_key_len);
- tun.renumber = mp->renumber;
- tun.show_instance = ntohl (mp->show_instance);
-
- rv = ipsec_add_del_tunnel_if_internal (vnm, &tun, &sw_if_index);
-
-#else
- rv = VNET_API_ERROR_UNIMPLEMENTED;
-#endif
-
- REPLY_MACRO2 (VL_API_IPSEC_TUNNEL_IF_ADD_DEL_REPLY, (
- {
- rmp->sw_if_index =
- htonl (sw_if_index);
- }));
-}
-
-static void
-send_ipsec_sa_details (ipsec_sa_t * sa, vl_api_registration_t * reg,
- u32 context, u32 sw_if_index)
-{
- vl_api_ipsec_sa_details_t *mp;
-
- mp = vl_msg_api_alloc (sizeof (*mp));
- clib_memset (mp, 0, sizeof (*mp));
- mp->_vl_msg_id = ntohs (VL_API_IPSEC_SA_DETAILS);
- mp->context = context;
-
- mp->sa_id = htonl (sa->id);
- mp->sw_if_index = htonl (sw_if_index);
-
- mp->spi = htonl (sa->spi);
- mp->protocol = sa->protocol;
+ ip46_address_t local_ip = ip46_address_initializer;
+ ip46_address_t remote_ip = ip46_address_initializer;
+ ipsec_key_t crypto_key, integ_key;
+ ipsec_sa_flags_t flags;
+ ip46_type_t local_ip_type, remote_ip_type;
+ ipip_transport_t transport;
+ u32 fib_index;
+
+ local_ip_type = ip_address_decode (&mp->local_ip, &local_ip);
+ remote_ip_type = ip_address_decode (&mp->remote_ip, &remote_ip);
+ transport = (IP46_TYPE_IP6 == local_ip_type ?
+ IPIP_TRANSPORT_IP6 : IPIP_TRANSPORT_IP4);
+
+ if (local_ip_type != remote_ip_type)
+ {
+ rv = VNET_API_ERROR_INVALID_VALUE;
+ goto done;
+ }