ike0->flags = IKEV2_HDR_FLAG_INITIATOR;
ike0->exchange = IKEV2_EXCHANGE_SA_INIT;
ike0->ispi = sa.ispi;
+ ike0->rspi = 0;
/* store whole IKE payload - needed for PSK auth */
vec_free (sa.last_sa_init_req_packet_data);
sa.i_auth.method = p->auth.method;
sa.i_auth.hex = p->auth.hex;
sa.i_auth.data = vec_dup (p->auth.data);
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
- clib_memcpy_fast (sa.i_auth.key, p->auth.key,
- EVP_PKEY_size (p->auth.key));
-#else
- sa.i_auth.key = vec_dup (p->auth.key);
-#endif
vec_add (sa.childs[0].tsi, &p->loc_ts, 1);
vec_add (sa.childs[0].tsr, &p->rem_ts, 1);
ikev2_init (vlib_main_t * vm)
{
ikev2_main_t *km = &ikev2_main;
- clib_error_t *error;
vlib_thread_main_t *tm = vlib_get_thread_main ();
int thread_id;
- if ((error = vlib_call_init_function (vm, ipsec_init)))
- return error;
-
clib_memset (km, 0, sizeof (ikev2_main_t));
km->vnet_main = vnet_get_main ();
km->vlib_main = vm;
km->sa_by_ispi = hash_create (0, sizeof (uword));
-
- if ((error = vlib_call_init_function (vm, ikev2_cli_init)))
- return error;
-
udp_register_dst_port (vm, 500, ikev2_node.index, 1);
+ ikev2_cli_reference ();
+
return 0;
}
-VLIB_INIT_FUNCTION (ikev2_init);
+/* *INDENT-OFF* */
+VLIB_INIT_FUNCTION (ikev2_init) =
+{
+ .runs_after = VLIB_INITS("ipsec_init"),
+};
+/* *INDENT-ON* */
+
static u8
ikev2_mngr_process_child_sa (ikev2_sa_t * sa, ikev2_child_sa_t * csa)
VLIB_PLUGIN_REGISTER () = {
.version = VPP_BUILD_VER,
- .description = "IKEv2",
+ .description = "Internet Key Exchange (IKEv2) Protocol",
};
/* *INDENT-ON* */