#include <vnet/ethernet/packet.h>
#include <openssl/evp.h>
-#include <openssl/hmac.h>
+#include <vnet/crypto/crypto.h>
#define MAX_VALUE_U24 0xffffff
return (u16) ~ 0;
}
-static const EVP_MD *
-get_encrypt_fcn (lisp_key_type_t key_id)
-{
- switch (key_id)
- {
- case HMAC_SHA_1_96:
- return EVP_sha1 ();
- case HMAC_SHA_256_128:
- return EVP_sha256 ();
- default:
- clib_warning ("unsupported encryption key type: %d!", key_id);
- break;
- }
- return 0;
-}
-
static int
queue_map_request (gid_address_t * seid, gid_address_t * deid,
u8 smr_invoked, u8 is_resend);
ip_lookup_main_t *lm;
void *addr;
- lm = (version == IP4) ? &lcm->im4->lookup_main : &lcm->im6->lookup_main;
+ lm = (version == AF_IP4) ? &lcm->im4->lookup_main : &lcm->im6->lookup_main;
addr = ip_interface_get_first_address (lm, sw_if_index, version);
if (!addr)
return 0;
void
ip_address_to_fib_prefix (const ip_address_t * addr, fib_prefix_t * prefix)
{
- if (addr->version == IP4)
+ if (addr->version == AF_IP4)
{
prefix->fp_len = 32;
prefix->fp_proto = FIB_PROTOCOL_IP4;
clib_memset (&prefix->fp_addr.pad, 0, sizeof (prefix->fp_addr.pad));
- memcpy (&prefix->fp_addr.ip4, &addr->ip, sizeof (prefix->fp_addr.ip4));
+ memcpy (&prefix->fp_addr.ip4, &addr->ip.ip4,
+ sizeof (prefix->fp_addr.ip4));
}
else
{
prefix->fp_len = 128;
prefix->fp_proto = FIB_PROTOCOL_IP6;
- memcpy (&prefix->fp_addr.ip6, &addr->ip, sizeof (prefix->fp_addr.ip6));
+ memcpy (&prefix->fp_addr.ip6, &addr->ip.ip6,
+ sizeof (prefix->fp_addr.ip6));
}
+ prefix->___fp___pad = 0;
}
/**
ipver = ip_addr_version (dst);
- lm = (ipver == IP4) ? &lcm->im4->lookup_main : &lcm->im6->lookup_main;
+ lm = (ipver == AF_IP4) ? &lcm->im4->lookup_main : &lcm->im6->lookup_main;
si = ip_fib_get_egress_iface_for_dst (lcm, dst);
if ((u32) ~ 0 == si)
return vnet_lisp_map_cache_add_del (a, map_index_result);
}
-static void
+static int
add_l2_arp_bd (BVT (clib_bihash_kv) * kvp, void *arg)
{
u32 **ht = arg;
u32 version = (u32) kvp->key[0];
- if (IP6 == version)
- return;
+ if (AF_IP6 == version)
+ return (BIHASH_WALK_CONTINUE);
u32 bd = (u32) (kvp->key[0] >> 32);
hash_set (ht[0], bd, 0);
+ return (BIHASH_WALK_CONTINUE);
}
u32 *
return bds;
}
-static void
+static int
add_ndp_bd (BVT (clib_bihash_kv) * kvp, void *arg)
{
u32 **ht = arg;
u32 version = (u32) kvp->key[0];
- if (IP4 == version)
- return;
+ if (AF_IP4 == version)
+ return (BIHASH_WALK_CONTINUE);
u32 bd = (u32) (kvp->key[0] >> 32);
hash_set (ht[0], bd, 0);
+ return (BIHASH_WALK_CONTINUE);
}
u32 *
u32 bd;
} lisp_add_l2_arp_ndp_args_t;
-static void
+static int
add_l2_arp_entry (BVT (clib_bihash_kv) * kvp, void *arg)
{
lisp_add_l2_arp_ndp_args_t *a = arg;
lisp_api_l2_arp_entry_t **vector = a->vector, e;
u32 version = (u32) kvp->key[0];
- if (IP6 == version)
- return;
+ if (AF_IP6 == version)
+ return (BIHASH_WALK_CONTINUE);
u32 bd = (u32) (kvp->key[0] >> 32);
e.ip4 = (u32) kvp->key[1];
vec_add1 (vector[0], e);
}
+ return (BIHASH_WALK_CONTINUE);
}
lisp_api_l2_arp_entry_t *
return entries;
}
-static void
+static int
add_ndp_entry (BVT (clib_bihash_kv) * kvp, void *arg)
{
lisp_add_l2_arp_ndp_args_t *a = arg;
lisp_api_ndp_entry_t **vector = a->vector, e;
u32 version = (u32) kvp->key[0];
- if (IP4 == version)
- return;
+ if (AF_IP4 == version)
+ return (BIHASH_WALK_CONTINUE);
u32 bd = (u32) (kvp->key[0] >> 32);
clib_memcpy (e.ip6, &kvp->key[1], 16);
vec_add1 (vector[0], e);
}
+ return (BIHASH_WALK_CONTINUE);
}
lisp_api_ndp_entry_t *
vec_free (a.eids_to_be_deleted);
}
-static void
-mapping_delete_timer (lisp_cp_main_t * lcm, u32 mi)
-{
- timing_wheel_delete (&lcm->wheel, mi);
-}
-
static int
is_local_ip (lisp_cp_main_t * lcm, ip_address_t * addr)
{
gid_address_copy (&m_args->eid, eid);
m_args->locator_set_index = old_map->locator_set_index;
- /* delete mapping associated from map-cache */
- vnet_lisp_map_cache_add_del (m_args, 0);
-
ls_args->is_add = 0;
ls_args->index = old_map->locator_set_index;
+ /* delete timer associated to the mapping if any */
+ if (old_map->timer_set)
+ TW (tw_timer_stop) (&lcm->wheel, old_map->timer_handle);
+
/* delete locator set */
vnet_lisp_add_del_locator_set (ls_args, 0);
- /* delete timer associated to the mapping if any */
- if (old_map->timer_set)
- mapping_delete_timer (lcm, mi);
+ /* delete mapping associated from map-cache */
+ vnet_lisp_map_cache_add_del (m_args, 0);
/* return old mapping index */
if (res_map_index)
removed = 1;
remove_locator_from_locator_set (ls, locit, ls_index, loc_id);
}
- if (0 == loc->local &&
- !gid_address_cmp (&loc->address, &itloc->address))
+ else if (0 == loc->local &&
+ !gid_address_cmp (&loc->address, &itloc->address))
{
removed = 1;
remove_locator_from_locator_set (ls, locit, ls_index, loc_id);
ls->name = vec_dup (a->name);
if (!lcm->locator_set_index_by_name)
- lcm->locator_set_index_by_name = hash_create_vec (
- /* size */
- 0,
- sizeof
- (ls->name
- [0]),
- sizeof
- (uword));
+ lcm->locator_set_index_by_name =
+ hash_create_vec ( /* size */ 0, sizeof (ls->name[0]),
+ sizeof (uword));
hash_set_mem (lcm->locator_set_index_by_name, ls->name,
ls_index);
}
}
+ if (is_enable)
+ vnet_lisp_create_retry_process (lcm);
+
/* update global flag */
lcm->is_enabled = is_enable;
loc->sw_if_index, 1 /* unnumbered */,
({
addr = ip_interface_address_get_address (&lcm->im4->lookup_main, ia);
- ip_address_set (rloc, addr, IP4);
+ ip_address_set (rloc, addr, AF_IP4);
ip_prefix_len (ippref) = 32;
ip_prefix_normalize (ippref);
vec_add1 (rlocs, gid[0]);
loc->sw_if_index, 1 /* unnumbered */,
({
addr = ip_interface_address_get_address (&lcm->im6->lookup_main, ia);
- ip_address_set (rloc, addr, IP6);
+ ip_address_set (rloc, addr, AF_IP6);
ip_prefix_len (ippref) = 128;
ip_prefix_normalize (ippref);
vec_add1 (rlocs, gid[0]);
({
addr = ip_interface_address_get_address (&lcm->im4->lookup_main,
ia);
- ip_address_set (new_ip, addr, IP4);
+ ip_address_set (new_ip, addr, AF_IP4);
}));
/* Add ipv6 locators */
({
addr = ip_interface_address_get_address (&lcm->im6->lookup_main,
ia);
- ip_address_set (new_ip, addr, IP6);
+ ip_address_set (new_ip, addr, AF_IP6);
}));
/* *INDENT-ON* */
return recs;
}
+static vnet_crypto_alg_t
+lisp_key_type_to_crypto_alg (lisp_key_type_t key_id)
+{
+ switch (key_id)
+ {
+ case HMAC_SHA_1_96:
+ return VNET_CRYPTO_ALG_HMAC_SHA1;
+ case HMAC_SHA_256_128:
+ return VNET_CRYPTO_ALG_HMAC_SHA256;
+ default:
+ clib_warning ("unsupported encryption key type: %d!", key_id);
+ break;
+ }
+ return VNET_CRYPTO_ALG_NONE;
+}
+
+static vnet_crypto_op_id_t
+lisp_key_type_to_crypto_op (lisp_key_type_t key_id)
+{
+ switch (key_id)
+ {
+ case HMAC_SHA_1_96:
+ return VNET_CRYPTO_OP_SHA1_HMAC;
+ case HMAC_SHA_256_128:
+ return VNET_CRYPTO_OP_SHA256_HMAC;
+ default:
+ clib_warning ("unsupported encryption key type: %d!", key_id);
+ break;
+ }
+ return VNET_CRYPTO_OP_NONE;
+}
+
static int
update_map_register_auth_data (map_register_hdr_t * map_reg_hdr,
lisp_key_type_t key_id, u8 * key,
u16 auth_data_len, u32 msg_len)
{
+ lisp_cp_main_t *lcm = vnet_lisp_cp_get_main ();
MREG_KEY_ID (map_reg_hdr) = clib_host_to_net_u16 (key_id);
MREG_AUTH_DATA_LEN (map_reg_hdr) = clib_host_to_net_u16 (auth_data_len);
+ vnet_crypto_op_t _op, *op = &_op;
+ vnet_crypto_key_index_t ki;
+
+ vnet_crypto_op_init (op, lisp_key_type_to_crypto_op (key_id));
+ op->len = msg_len;
+ op->digest = MREG_DATA (map_reg_hdr);
+ op->src = (u8 *) map_reg_hdr;
+ op->digest_len = 0;
+ op->iv = 0;
+
+ ki = vnet_crypto_key_add (lcm->vlib_main,
+ lisp_key_type_to_crypto_alg (key_id), key,
+ vec_len (key));
+
+ op->key_index = ki;
- unsigned char *result = HMAC (get_encrypt_fcn (key_id), key, vec_len (key),
- (unsigned char *) map_reg_hdr, msg_len, NULL,
- NULL);
- clib_memcpy (MREG_DATA (map_reg_hdr), result, auth_data_len);
+ vnet_crypto_process_ops (lcm->vlib_main, op, 1);
+ vnet_crypto_key_del (lcm->vlib_main, ki);
return 0;
}
vnet_buffer (b)->sw_if_index[VLIB_TX] = 0;
- next_index = (ip_addr_version (rloc) == IP4) ?
+ next_index = (ip_addr_version (rloc) == AF_IP4) ?
ip4_lookup_node.index : ip6_lookup_node.index;
f = vlib_get_frame_to_node (lcm->vlib_main, next_index);
vnet_buffer (b)->sw_if_index[VLIB_TX] = 0;
- next_index = (ip_addr_version (&lcm->active_map_server) == IP4) ?
+ next_index = (ip_addr_version (&lcm->active_map_server) == AF_IP4) ?
ip4_lookup_node.index : ip6_lookup_node.index;
f = vlib_get_frame_to_node (lcm->vlib_main, next_index);
/* set fib index to default and lookup node */
vnet_buffer (b)->sw_if_index[VLIB_TX] = 0;
- next_index = (ip_addr_version (&lcm->active_map_resolver) == IP4) ?
+ next_index = (ip_addr_version (&lcm->active_map_resolver) == AF_IP4) ?
ip4_lookup_node.index : ip6_lookup_node.index;
f = vlib_get_frame_to_node (lcm->vlib_main, next_index);
if ((ip4->ip_version_and_header_length & 0xF0) == 0x40)
{
- ip_address_set (src, &ip4->src_address, IP4);
- ip_address_set (dst, &ip4->dst_address, IP4);
+ ip_address_set (src, &ip4->src_address, AF_IP4);
+ ip_address_set (dst, &ip4->dst_address, AF_IP4);
}
else
{
ip6 = hdr;
- ip_address_set (src, &ip6->src_address, IP6);
- ip_address_set (dst, &ip6->dst_address, IP6);
+ ip_address_set (src, &ip6->src_address, AF_IP6);
+ ip_address_set (dst, &ip6->dst_address, AF_IP6);
}
}
u32 vni = ~0, table_id = ~0;
table_id = fib_table_get_table_id_for_sw_if_index ((version ==
- IP4 ? FIB_PROTOCOL_IP4 :
+ AF_IP4 ?
+ FIB_PROTOCOL_IP4 :
FIB_PROTOCOL_IP6),
vnet_buffer
(b)->sw_if_index
{
clib_memset (&gid_address_arp_ndp_ip (dst), 0,
sizeof (ip_address_t));
- ip_addr_version (&gid_address_arp_ndp_ip (dst)) = IP4;
+ ip_addr_version (&gid_address_arp_ndp_ip (dst)) = AF_IP4;
gid_address_arp_ndp_bd (dst) = ~0;
return;
}
clib_memset (&gid_address_arp_ndp_ip (dst), 0,
sizeof (ip_address_t));
ip_addr_version (&gid_address_arp_ndp_ip (dst)) =
- IP6;
+ AF_IP6;
gid_address_arp_ndp_bd (dst) = ~0;
gid_address_type (src) = GID_ADDR_NO_ADDRESS;
return;
gid_address_ndp_bd (dst) =
lisp_get_bd_from_buffer_eth (b);
ip_address_set (&gid_address_arp_ndp_ip (dst),
- &ndh->target_address, IP6);
+ &ndh->target_address, AF_IP6);
return;
}
}
if (vnet_lisp_add_del_adjacency (adj_args))
clib_warning ("failed to del adjacency!");
+ TW (tw_timer_stop) (&lcm->wheel, m->timer_handle);
vnet_lisp_del_mapping (&m->eid, NULL);
- mapping_delete_timer (lcm, mi);
}
static void
m = pool_elt_at_index (lcm->mapping_pool, mi);
m->timer_set = 1;
- timing_wheel_insert (&lcm->wheel, exp_clock_time, mi);
+ m->timer_handle = TW (tw_timer_start) (&lcm->wheel, mi, 0, exp_clock_time);
}
static void
is_auth_data_valid (map_notify_hdr_t * h, u32 msg_len,
lisp_key_type_t key_id, u8 * key)
{
+ lisp_cp_main_t *lcm = vnet_lisp_cp_get_main ();
u8 *auth_data = 0;
u16 auth_data_len;
int result;
+ vnet_crypto_op_t _op, *op = &_op;
+ vnet_crypto_key_index_t ki;
+ u8 out[EVP_MAX_MD_SIZE] = { 0, };
auth_data_len = auth_data_len_by_key_id (key_id);
if ((u16) ~ 0 == auth_data_len)
/* clear auth data */
clib_memset (MNOTIFY_DATA (h), 0, auth_data_len);
- /* get hash of the message */
- unsigned char *code = HMAC (get_encrypt_fcn (key_id), key, vec_len (key),
- (unsigned char *) h, msg_len, NULL, NULL);
+ vnet_crypto_op_init (op, lisp_key_type_to_crypto_op (key_id));
+ op->len = msg_len;
+ op->digest = out;
+ op->src = (u8 *) h;
+ op->digest_len = 0;
+ op->iv = 0;
+
+ ki = vnet_crypto_key_add (lcm->vlib_main,
+ lisp_key_type_to_crypto_alg (key_id), key,
+ vec_len (key));
+
+ op->key_index = ki;
- result = memcmp (code, auth_data, auth_data_len);
+ vnet_crypto_process_ops (lcm->vlib_main, op, 1);
+ vnet_crypto_key_del (lcm->vlib_main, ki);
+
+ result = memcmp (out, auth_data, auth_data_len);
vec_free (auth_data);
free_map_register_records (records);
vnet_buffer (b)->sw_if_index[VLIB_TX] = 0;
- next_index = (ip_addr_version (&lcm->active_map_resolver) == IP4) ?
+ next_index = (ip_addr_version (&lcm->active_map_resolver) == AF_IP4) ?
ip4_lookup_node.index : ip6_lookup_node.index;
f = vlib_get_frame_to_node (lcm->vlib_main, next_index);
a->is_rloc_probe = MREP_RLOC_PROBE (mrep_hdr);
if (!vlib_buffer_has_space (b, sizeof (*mrep_hdr)))
{
- clib_mem_free (a);
+ map_records_arg_free (a);
return 0;
}
vlib_buffer_pull (b, sizeof (*mrep_hdr));
hash_set (lcm->table_id_by_vni, 0, 0);
hash_set (lcm->vni_by_table_id, 0, 0);
- u64 now = clib_cpu_time_now ();
- timing_wheel_init (&lcm->wheel, now, vm->clib_time.clocks_per_second);
+ TW (tw_timer_wheel_init) (&lcm->wheel, 0 /* no callback */ ,
+ 1e-3 /* timer period 1ms */ ,
+ ~0 /* max expirations per call */ );
lcm->nsh_map_index = ~0;
lcm->map_register_ttl = MAP_REGISTER_DEFAULT_TTL;
lcm->max_expired_map_registers = MAX_EXPIRED_MAP_REGISTERS_DEFAULT;
update_map_register (lcm, period);
update_rloc_probing (lcm, period);
- u64 now = clib_cpu_time_now ();
-
- expired = timing_wheel_advance (&lcm->wheel, now, expired, 0);
+ expired = TW (tw_timer_expire_timers_vec) (&lcm->wheel,
+ vlib_time_now (vm), expired);
if (vec_len (expired) > 0)
{
u32 *mi = 0;
return lcm->flags & LISP_FLAG_STATS_ENABLED;
}
-/* *INDENT-OFF* */
-VLIB_REGISTER_NODE (lisp_retry_service_node,static) = {
- .function = send_map_resolver_service,
- .type = VLIB_NODE_TYPE_PROCESS,
- .name = "lisp-retry-service",
- .process_log2_n_stack_bytes = 16,
-};
-/* *INDENT-ON* */
+void
+vnet_lisp_create_retry_process (lisp_cp_main_t * lcm)
+{
+ if (lcm->retry_service_index)
+ return;
+
+ lcm->retry_service_index = vlib_process_create (vlib_get_main (),
+ "lisp-retry-service",
+ send_map_resolver_service,
+ 16 /* stack_bytes */ );
+}
u32
vnet_lisp_set_transport_protocol (u8 protocol)