fix: Fix IPSec SA add/del in VPP 20.05 (#1664)

ligato · Jun 4, 2020 · cde8f29 · cde8f29
1 parent ff63269
commit cde8f29
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 10 deletions.
diff --git a/plugins/vpp/ipsecplugin/vppcalls/vpp2005/ipsec_vppcalls.go b/plugins/vpp/ipsecplugin/vppcalls/vpp2005/ipsec_vppcalls.go
@@ -241,9 +241,11 @@ func (h *IPSecVppHandler) sadAddDelEntry(sa *ipsec.SecurityAssociation, isAdd bo
 				Data:   integKey,
 				Length: uint8(len(integKey)),
 			},
-			TunnelSrc: tunnelSrc,
-			TunnelDst: tunnelDst,
-			Flags:     flags,
+			TunnelSrc:  tunnelSrc,
+			TunnelDst:  tunnelDst,
+			Flags:      flags,
+			UDPSrcPort: ^uint16(0),
+			UDPDstPort: ^uint16(0),
 		},
 	}
 	reply := &vpp_ipsec.IpsecSadEntryAddDelReply{}

diff --git a/plugins/vpp/ipsecplugin/vppcalls/vpp2005/ipsec_vppcalls_test.go b/plugins/vpp/ipsecplugin/vppcalls/vpp2005/ipsec_vppcalls_test.go
@@ -210,7 +210,9 @@ func TestVppAddSA(t *testing.T) {
 				Length: uint8(len(cryptoKey)),
 				Data:   cryptoKey,
 			},
-			Flags: ipsec_types.IPSEC_API_SAD_FLAG_USE_ESN | ipsec_types.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY,
+			Flags:      ipsec_types.IPSEC_API_SAD_FLAG_USE_ESN | ipsec_types.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY,
+			UDPSrcPort: ^uint16(0),
+			UDPDstPort: ^uint16(0),
 		},
 	}))
 }
@@ -246,8 +248,10 @@ func TestVppDelSA(t *testing.T) {
 				Length: uint8(len(cryptoKey)),
 				Data:   cryptoKey,
 			},
-			Flags:    ipsec_types.IPSEC_API_SAD_FLAG_USE_ESN | ipsec_types.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY,
-			Protocol: ipsec_types.IPSEC_API_PROTO_ESP,
+			Flags:      ipsec_types.IPSEC_API_SAD_FLAG_USE_ESN | ipsec_types.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY,
+			Protocol:   ipsec_types.IPSEC_API_PROTO_ESP,
+			UDPSrcPort: ^uint16(0),
+			UDPDstPort: ^uint16(0),
 		},
 	}))
 }
@@ -291,8 +295,10 @@ func TestVppAddSATunnelMode(t *testing.T) {
 				Af: ip_types.ADDRESS_IP4,
 				Un: ipsec_types.AddressUnion{XXX_UnionData: [16]byte{20, 1, 0, 1}},
 			},
-			Flags:    ipsec_types.IPSEC_API_SAD_FLAG_IS_TUNNEL,
-			Protocol: ipsec_types.IPSEC_API_PROTO_ESP,
+			Flags:      ipsec_types.IPSEC_API_SAD_FLAG_IS_TUNNEL,
+			Protocol:   ipsec_types.IPSEC_API_PROTO_ESP,
+			UDPSrcPort: ^uint16(0),
+			UDPDstPort: ^uint16(0),
 		},
 	}))
 }
@@ -336,8 +342,10 @@ func TestVppAddSATunnelModeIPv6(t *testing.T) {
 				Af: ip_types.ADDRESS_IP6,
 				Un: ipsec_types.AddressUnion{XXX_UnionData: [16]byte{171, 205}},
 			},
-			Flags:    ipsec_types.IPSEC_API_SAD_FLAG_IS_TUNNEL | ipsec_types.IPSEC_API_SAD_FLAG_IS_TUNNEL_V6,
-			Protocol: ipsec_types.IPSEC_API_PROTO_ESP,
+			Flags:      ipsec_types.IPSEC_API_SAD_FLAG_IS_TUNNEL | ipsec_types.IPSEC_API_SAD_FLAG_IS_TUNNEL_V6,
+			Protocol:   ipsec_types.IPSEC_API_PROTO_ESP,
+			UDPSrcPort: ^uint16(0),
+			UDPDstPort: ^uint16(0),
 		},
 	}))
 }