- r = self.test.vapi.ipsec_sad_entry_add_del(
- self.id,
- self.spi,
- self.integ_alg,
- self.integ_key,
- self.crypto_alg,
- self.crypto_key,
- self.proto,
- (self.tun_src if self.tun_src else []),
- (self.tun_dst if self.tun_dst else []),
- flags=self.flags,
- salt=self.salt)
+ entry = {
+ 'sad_id': self.id,
+ 'spi': self.spi,
+ 'integrity_algorithm': self.integ_alg,
+ 'integrity_key': {
+ 'length': len(self.integ_key),
+ 'data': self.integ_key,
+ },
+ 'crypto_algorithm': self.crypto_alg,
+ 'crypto_key': {
+ 'data': self.crypto_key,
+ 'length': len(self.crypto_key),
+ },
+ 'protocol': self.proto,
+ 'tunnel_src': (self.tun_src if self.tun_src else []),
+ 'tunnel_dst': (self.tun_dst if self.tun_dst else []),
+ 'flags': self.flags,
+ 'salt': self.salt
+ }
+ # don't explicitly send the defaults, let papi fill them in
+ if self.udp_src:
+ entry['udp_src_port'] = self.udp_src
+ if self.udp_dst:
+ entry['udp_dst_port'] = self.udp_dst
+ r = self.test.vapi.ipsec_sad_entry_add_del(is_add=1, entry=entry)