Type: improvement
There's no need for the user to set the TUNNEL_V6 flag, it can be
derived from the tunnel's address type.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I073073dc970b8a3f2b2645bc697fc00db1adbb47
return VNET_API_ERROR_SYSCALL_ERROR_1;
}
return VNET_API_ERROR_SYSCALL_ERROR_1;
}
+ if (ipsec_sa_is_set_IS_TUNNEL (sa) &&
+ AF_IP6 == ip_addr_version (&tun->t_src))
+ ipsec_sa_set_IS_TUNNEL_V6 (sa);
+
if (ipsec_sa_is_set_IS_TUNNEL (sa) && !ipsec_sa_is_set_IS_INBOUND (sa))
{
sa->tunnel_flags = sa->tunnel.t_encap_decap_flags;
if (ipsec_sa_is_set_IS_TUNNEL (sa) && !ipsec_sa_is_set_IS_INBOUND (sa))
{
sa->tunnel_flags = sa->tunnel.t_encap_decap_flags;
/* IPsec tunnel mode if non-zero, else transport mode */
IPSEC_API_SAD_FLAG_IS_TUNNEL = 0x04,
/* IPsec tunnel mode is IPv6 if non-zero,
/* IPsec tunnel mode if non-zero, else transport mode */
IPSEC_API_SAD_FLAG_IS_TUNNEL = 0x04,
/* IPsec tunnel mode is IPv6 if non-zero,
- * else IPv4 tunnel only valid if is_tunnel is non-zero */
+ * else IPv4 tunnel only valid if is_tunnel is non-zero
+ * DEPRECATED - the user does not need to set this it is
+ * derived from the tunnel's address types.
+ */
IPSEC_API_SAD_FLAG_IS_TUNNEL_V6 = 0x08,
/* enable UDP encapsulation for NAT traversal */
IPSEC_API_SAD_FLAG_UDP_ENCAP = 0x10,
IPSEC_API_SAD_FLAG_IS_TUNNEL_V6 = 0x08,
/* enable UDP encapsulation for NAT traversal */
IPSEC_API_SAD_FLAG_UDP_ENCAP = 0x10,
if (tun_src):
self.tun_src = ip_address(text_type(tun_src))
self.flags = self.flags | e.IPSEC_API_SAD_FLAG_IS_TUNNEL
if (tun_src):
self.tun_src = ip_address(text_type(tun_src))
self.flags = self.flags | e.IPSEC_API_SAD_FLAG_IS_TUNNEL
- if (self.tun_src.version == 6):
- self.flags = self.flags | e.IPSEC_API_SAD_FLAG_IS_TUNNEL_V6
if (tun_dst):
self.tun_dst = ip_address(text_type(tun_dst))
self.udp_src = udp_src
if (tun_dst):
self.tun_dst = ip_address(text_type(tun_dst))
self.udp_src = udp_src