X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=resources%2Flibraries%2Fpython%2FIPsecUtil.py;h=c109f417e50e745d632b803be9dd7f254b220d47;hb=e7a8aec57027b1791178bccacd58facacc322f6a;hp=16acb51234b7b3eda1d3aecd41c7608243f4c33f;hpb=141d5420a065734671ea17bbee8c4e927ae10dff;p=csit.git diff --git a/resources/libraries/python/IPsecUtil.py b/resources/libraries/python/IPsecUtil.py index 16acb51234..c109f417e5 100644 --- a/resources/libraries/python/IPsecUtil.py +++ b/resources/libraries/python/IPsecUtil.py @@ -21,9 +21,9 @@ from string import letters from enum import Enum, IntEnum from ipaddress import ip_network, ip_address -from resources.libraries.python.Constants import Constants from resources.libraries.python.IPUtil import IPUtil -from resources.libraries.python.InterfaceUtil import InterfaceUtil +from resources.libraries.python.InterfaceUtil import InterfaceUtil, \ + InterfaceStatusFlags from resources.libraries.python.PapiExecutor import PapiSocketExecutor from resources.libraries.python.topology import Topology from resources.libraries.python.VatExecutor import VatExecutor @@ -461,8 +461,6 @@ class IPsecUtil(object): if tunnel_src and tunnel_dst else dst_addr history = False if 1 < i < n_entries - 1 else True papi_exec.add(cmd, history=history, **args) - if i > 0 and i % Constants.PAPI_MAX_API_BULK == 0: - papi_exec.get_replies(err_msg) papi_exec.get_replies(err_msg) @staticmethod @@ -521,23 +519,15 @@ class IPsecUtil(object): cmd1 = 'sw_interface_add_del_address' args1 = dict( sw_if_index=InterfaceUtil.get_interface_index(node, interface), - is_add=1, - is_ipv6=1 if laddr.version == 6 else 0, - del_all=0, - address_length=raddr_range, - address=None + is_add=True, + del_all=False, + prefix=None ) cmd2 = 'ip_route_add_del' - route = IPUtil.compose_vpp_route_structure( - node, taddr, - prefix_len=128 if taddr.version == 6 else 32, - interface=interface, - gateway=tunnel_dst - ) args2 = dict( is_add=1, is_multipath=0, - route=route + route=None ) err_msg = 'Failed to configure IP addresses and IP routes on ' \ 'interface {ifc} on host {host}'.\ @@ -545,16 +535,18 @@ class IPsecUtil(object): with PapiSocketExecutor(node) as papi_exec: for i in xrange(n_tunnels): - args1['address'] = getattr(laddr + i * addr_incr, 'packed') - args2['route']['prefix']['address']['un'] = \ - IPUtil.union_addr(taddr + i) - args2['route']['paths'][0]['nh']['address'] = \ - IPUtil.union_addr(raddr + i * addr_incr) + args1['prefix'] = IPUtil.create_prefix_object( + laddr + i * addr_incr, raddr_range) + args2['route'] = IPUtil.compose_vpp_route_structure( + node, + taddr + i, + prefix_len=128 if taddr.version == 6 else 32, + interface=interface, + gateway=raddr + i * addr_incr + ) history = False if 1 < i < n_tunnels - 1 else True papi_exec.add(cmd1, history=history, **args1).\ add(cmd2, history=history, **args2) - if i > 0 and i % Constants.PAPI_MAX_API_BULK / 2 == 0: - papi_exec.get_replies(err_msg) papi_exec.get_replies(err_msg) @staticmethod @@ -730,9 +722,9 @@ class IPsecUtil(object): raddr_s=raddr_s, raddr_e=raddr_e)) tmp_file.write(tunnel) - vat = VatExecutor() - vat.execute_script(tmp_filename, node, timeout=300, json_out=False, - copy_on_execute=True) + VatExecutor().execute_script( + tmp_filename, node, timeout=300, json_out=False, + copy_on_execute=True) os.remove(tmp_filename) return @@ -775,8 +767,6 @@ class IPsecUtil(object): IPUtil.union_addr(raddr_ip + i) history = False if 1 < i < n_entries - 1 else True papi_exec.add(cmd, history=history, **args) - if i > 0 and i % Constants.PAPI_MAX_API_BULK == 0: - papi_exec.get_replies(err_msg) papi_exec.get_replies(err_msg) @staticmethod @@ -790,7 +780,7 @@ class IPsecUtil(object): :param if2_ip_addr: VPP node 2 interface IPv4/IPv6 address. :param if1_key: VPP node 1 interface key from topology file. :param if2_key: VPP node 2 interface key from topology file. - :param n_tunnels: Number of tunnell interfaces to create. + :param n_tunnels: Number of tunnel interfaces to create. :param crypto_alg: The encryption algorithm name. :param integ_alg: The integrity algorithm name. :param raddr_ip1: Policy selector remote IPv4/IPv6 start address for the @@ -961,7 +951,7 @@ class IPsecUtil(object): cmd1 = 'sw_interface_set_flags' args1 = dict( sw_if_index=loop_sw_if_idx, - admin_up_down=1) + flags=InterfaceStatusFlags.IF_STATUS_API_FLAG_ADMIN_UP.value) err_msg = 'Failed to set loopback interface state up on host ' \ '{host}'.format(host=nodes['DUT1']['host']) papi_exec.add(cmd1, **args1).get_reply(err_msg) @@ -970,22 +960,21 @@ class IPsecUtil(object): args1 = dict( sw_if_index=InterfaceUtil.get_interface_index( nodes['DUT1'], if1_key), - is_add=1, - is_ipv6=1 if if2_ip.version == 6 else 0, - del_all=0, - address_length=96 if if2_ip.version == 6 else 24, - address=getattr(if2_ip - 1, 'packed')) + is_add=True, + del_all=False, + prefix=IPUtil.create_prefix_object( + if2_ip - 1, 96 if if2_ip.version == 6 else 24) + ) err_msg = 'Failed to set IP address on interface {ifc} on host ' \ '{host}'.format(ifc=if1_key, host=nodes['DUT1']['host']) papi_exec.add(cmd1, **args1).get_reply(err_msg) # Configure IPsec tunnel interfaces args1 = dict( sw_if_index=loop_sw_if_idx, - is_add=1, - is_ipv6=1 if if1_ip.version == 6 else 0, - del_all=0, - address_length=128 if if1_ip.version == 6 else 32, - address='') + is_add=True, + del_all=False, + prefix=None + ) cmd2 = 'ipsec_tunnel_if_add_del' args2 = dict( is_add=1, @@ -1016,7 +1005,8 @@ class IPsecUtil(object): if integ_alg: ikeys.append( gen_key(IPsecUtil.get_integ_alg_key_len(integ_alg))) - args1['address'] = getattr(if1_ip + i * addr_incr, 'packed') + args1['prefix'] = IPUtil.create_prefix_object( + if1_ip + i * addr_incr, 128 if if1_ip.version == 6 else 32) args2['local_spi'] = spi_1 + i args2['remote_spi'] = spi_2 + i args2['local_ip'] = IPUtil.create_ip_address_object( @@ -1034,11 +1024,6 @@ class IPsecUtil(object): history = False if 1 < i < n_tunnels - 1 else True papi_exec.add(cmd1, history=history, **args1).\ add(cmd2, history=history, **args2) - if i > 0 and i % Constants.PAPI_MAX_API_BULK / 2 == 0: - replies = papi_exec.get_replies(err_msg) - for reply in replies: - if 'sw_if_index' in reply: - ipsec_tunnels.append(reply["sw_if_index"]) replies = papi_exec.get_replies(err_msg) for reply in replies: if 'sw_if_index' in reply: @@ -1046,7 +1031,7 @@ class IPsecUtil(object): # Configure IP routes cmd1 = 'sw_interface_set_unnumbered' args1 = dict( - is_add=1, + is_add=True, sw_if_index=InterfaceUtil.get_interface_index( nodes['DUT1'], if1_key), unnumbered_sw_if_index=0 @@ -1054,33 +1039,28 @@ class IPsecUtil(object): cmd2 = 'sw_interface_set_flags' args2 = dict( sw_if_index=0, - admin_up_down=1) + flags=InterfaceStatusFlags.IF_STATUS_API_FLAG_ADMIN_UP.value) cmd3 = 'ip_route_add_del' - route = IPUtil.compose_vpp_route_structure( - nodes['DUT1'], raddr_ip2.compressed, - prefix_len=128 if raddr_ip2.version == 6 else 32, - interface=0 - ) args3 = dict( is_add=1, is_multipath=0, - route=route + route=None ) err_msg = 'Failed to add IP routes on host {host}'.format( host=nodes['DUT1']['host']) for i in xrange(n_tunnels): args1['unnumbered_sw_if_index'] = ipsec_tunnels[i] args2['sw_if_index'] = ipsec_tunnels[i] - args3['route']['prefix']['address']['un'] = \ - IPUtil.union_addr(raddr_ip2 + i) - args3['route']['paths'][0]['sw_if_index'] = \ - ipsec_tunnels[i] + args3['route'] = IPUtil.compose_vpp_route_structure( + nodes['DUT1'], + (raddr_ip2 + i).compressed, + prefix_len=128 if raddr_ip2.version == 6 else 32, + interface=ipsec_tunnels[i] + ) history = False if 1 < i < n_tunnels - 1 else True papi_exec.add(cmd1, history=history, **args1).\ add(cmd2, history=history, **args2).\ add(cmd3, history=history, **args3) - if i > 0 and i % Constants.PAPI_MAX_API_BULK / 3 == 0: - papi_exec.get_replies(err_msg) papi_exec.get_replies(err_msg) with PapiSocketExecutor(nodes['DUT2']) as papi_exec: @@ -1089,11 +1069,11 @@ class IPsecUtil(object): args1 = dict( sw_if_index=InterfaceUtil.get_interface_index( nodes['DUT2'], if2_key), - is_add=1, - is_ipv6=1 if if2_ip.version == 6 else 0, - del_all=0, - address_length=96 if if2_ip.version == 6 else 24, - address=if2_ip.packed) + is_add=True, + del_all=False, + prefix=IPUtil.create_prefix_object( + if2_ip, 96 if if2_ip.version == 6 else 24) + ) err_msg = 'Failed to set IP address on interface {ifc} on host ' \ '{host}'.format(ifc=if2_key, host=nodes['DUT2']['host']) papi_exec.add(cmd1, **args1).get_reply(err_msg) @@ -1137,11 +1117,6 @@ class IPsecUtil(object): args2['remote_integ_key'] = ikeys[i] history = False if 1 < i < n_tunnels - 1 else True papi_exec.add(cmd2, history=history, **args2) - if i > 0 and i % Constants.PAPI_MAX_API_BULK / 2 == 0: - replies = papi_exec.get_replies(err_msg) - for reply in replies: - if 'sw_if_index' in reply: - ipsec_tunnels.append(reply["sw_if_index"]) replies = papi_exec.get_replies(err_msg) for reply in replies: if 'sw_if_index' in reply: @@ -1162,7 +1137,7 @@ class IPsecUtil(object): papi_exec.add(cmd1, **args1) cmd1 = 'sw_interface_set_unnumbered' args1 = dict( - is_add=1, + is_add=True, sw_if_index=InterfaceUtil.get_interface_index( nodes['DUT2'], if2_key), unnumbered_sw_if_index=0 @@ -1170,33 +1145,28 @@ class IPsecUtil(object): cmd2 = 'sw_interface_set_flags' args2 = dict( sw_if_index=0, - admin_up_down=1) + flags=InterfaceStatusFlags.IF_STATUS_API_FLAG_ADMIN_UP.value) cmd3 = 'ip_route_add_del' - route = IPUtil.compose_vpp_route_structure( - nodes['DUT2'], raddr_ip1.compressed, - prefix_len=128 if raddr_ip1.version == 6 else 32, - interface=0 - ) args3 = dict( is_add=1, is_multipath=0, - route=route + route=None ) err_msg = 'Failed to add IP routes on host {host}'.format( host=nodes['DUT2']['host']) for i in xrange(n_tunnels): args1['unnumbered_sw_if_index'] = ipsec_tunnels[i] args2['sw_if_index'] = ipsec_tunnels[i] - args3['route']['prefix']['address']['un'] = \ - IPUtil.union_addr(raddr_ip1 + i) - args3['route']['paths'][0]['sw_if_index'] = \ - ipsec_tunnels[i] + args3['route'] = IPUtil.compose_vpp_route_structure( + nodes['DUT1'], + (raddr_ip1 + i).compressed, + prefix_len=128 if raddr_ip1.version == 6 else 32, + interface=ipsec_tunnels[i] + ) history = False if 1 < i < n_tunnels - 1 else True papi_exec.add(cmd1, history=history, **args1). \ add(cmd2, history=history, **args2). \ add(cmd3, history=history, **args3) - if i > 0 and i % Constants.PAPI_MAX_API_BULK / 3 == 0: - papi_exec.get_replies(err_msg) papi_exec.get_replies(err_msg) @staticmethod