#include <vnet/ipsec/ipsec.h>
#include <vnet/ipsec/ikev2.h>
#include <vnet/ipsec/esp.h>
+#include <vnet/ipsec/ah.h>
ipsec_main_t ipsec_main;
return 0;
}
-static u8
+u8
ipsec_is_sa_used (u32 sa_index)
{
ipsec_main_t *im = &ipsec_main;
ASSERT (node);
im->esp_decrypt_node_index = node->index;
+ node = vlib_get_node_by_name (vm, (u8 *) "ah-encrypt");
+ ASSERT (node);
+ im->ah_encrypt_node_index = node->index;
+
+ node = vlib_get_node_by_name (vm, (u8 *) "ah-decrypt");
+ ASSERT (node);
+ im->ah_decrypt_node_index = node->index;
+
im->esp_encrypt_next_index = IPSEC_OUTPUT_NEXT_ESP_ENCRYPT;
im->esp_decrypt_next_index = IPSEC_INPUT_NEXT_ESP_DECRYPT;
+ im->ah_encrypt_next_index = IPSEC_OUTPUT_NEXT_AH_ENCRYPT;
+ im->ah_decrypt_next_index = IPSEC_INPUT_NEXT_AH_DECRYPT;
im->cb.check_support_cb = ipsec_check_support;
if ((error = vlib_call_init_function (vm, ipsec_tunnel_if_init)))
return error;
- esp_init ();
+ ipsec_proto_init ();
if ((error = ikev2_init (vm)))
return error;