ligang/vpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

IPSEC Tests: to per-test setup and tearDown

Browse Source 
don't do the setup and teardown in class methods so that with
each test the config is added and deleted. that way we test that
delete actually removes state.
more helpful error codes from VPP for existing IPSEC state.

Change-Id: I5de1578f73b935b420d4cdd85aa98d5fdcc682f6
Signed-off-by: Neale Ranns <nranns@cisco.com>
This commit is contained in:
Neale Ranns
2019-01-23 08:16:17 -08:00
committed by Damjan Marion
parent e18b45caeb
commit 8e4a89bf42
7 changed files with 596 additions and 307 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
test/test_ipsec_api.py
View File

@ -1,47 +1,55 @@
import unittest
from framework import VppTestCase, VppTestRunner
from template_ipsec import TemplateIpsec
from template_ipsec import TemplateIpsec, IPsecIPv4Params
class IpsecApiTestCase(VppTestCase):
""" IPSec API tests """
@classmethod
def setUpClass(cls):
super(IpsecApiTestCase, cls).setUpClass()
cls.create_pg_interfaces([0])
cls.pg0.config_ip4()
cls.pg0.admin_up()
def setUp(self):
super(IpsecApiTestCase, self).setUp()
self.create_pg_interfaces([0])
self.pg0.config_ip4()
self.pg0.admin_up()
self.vpp_esp_protocol = 1
self.vpp_ah_protocol = 0
self.ipv4_params = IPsecIPv4Params()
def tearDown(self):
self.pg0.unconfig_ip4()
self.pg0.admin_down()
super(IpsecApiTestCase, self).tearDown()
def test_backend_dump(self):
""" backend dump """
d = self.vapi.ipsec_backend_dump()
self.assert_equal(len(d), 2, "number of ipsec backends in dump")
self.assert_equal(d[0].protocol, TemplateIpsec.vpp_ah_protocol,
self.assert_equal(d[0].protocol, self.vpp_ah_protocol,
"ipsec protocol in dump entry")
self.assert_equal(d[0].index, 0, "index in dump entry")
self.assert_equal(d[0].active, 1, "active flag in dump entry")
self.assert_equal(d[1].protocol, TemplateIpsec.vpp_esp_protocol,
self.assert_equal(d[1].protocol, self.vpp_esp_protocol,
"ipsec protocol in dump entry")
self.assert_equal(d[1].index, 0, "index in dump entry")
self.assert_equal(d[1].active, 1, "active flag in dump entry")
def test_select_valid_backend(self):
""" select valid backend """
self.vapi.ipsec_select_backend(TemplateIpsec.vpp_ah_protocol, 0)
self.vapi.ipsec_select_backend(TemplateIpsec.vpp_esp_protocol, 0)
self.vapi.ipsec_select_backend(self.vpp_ah_protocol, 0)
self.vapi.ipsec_select_backend(self.vpp_esp_protocol, 0)
def test_select_invalid_backend(self):
""" select invalid backend """
with self.vapi.assert_negative_api_retval():
self.vapi.ipsec_select_backend(TemplateIpsec.vpp_ah_protocol, 200)
self.vapi.ipsec_select_backend(self.vpp_ah_protocol, 200)
with self.vapi.assert_negative_api_retval():
self.vapi.ipsec_select_backend(TemplateIpsec.vpp_esp_protocol, 200)
self.vapi.ipsec_select_backend(self.vpp_esp_protocol, 200)
def test_select_backend_in_use(self):
""" attempt to change backend while sad configured """
params = TemplateIpsec.ipv4_params
params = self.ipv4_params
addr_type = params.addr_type
is_ipv6 = params.is_ipv6
scapy_tun_sa_id = params.scapy_tun_sa_id
@ -54,24 +62,24 @@ class IpsecApiTestCase(VppTestCase):
self.vapi.ipsec_sad_add_del_entry(scapy_tun_sa_id, scapy_tun_spi,
auth_algo_vpp_id, auth_key,
crypt_algo_vpp_id, crypt_key,
TemplateIpsec.vpp_ah_protocol,
self.vpp_ah_protocol,
self.pg0.local_addr_n[addr_type],
self.pg0.remote_addr_n[addr_type],
is_tunnel=1, is_tunnel_ipv6=is_ipv6)
with self.vapi.assert_negative_api_retval():
self.vapi.ipsec_select_backend(
protocol=TemplateIpsec.vpp_ah_protocol, index=0)
protocol=self.vpp_ah_protocol, index=0)
self.vapi.ipsec_sad_add_del_entry(scapy_tun_sa_id, scapy_tun_spi,
auth_algo_vpp_id, auth_key,
crypt_algo_vpp_id, crypt_key,
TemplateIpsec.vpp_ah_protocol,
self.vpp_ah_protocol,
self.pg0.local_addr_n[addr_type],
self.pg0.remote_addr_n[addr_type],
is_tunnel=1, is_tunnel_ipv6=is_ipv6,
is_add=0)
self.vapi.ipsec_select_backend(
protocol=TemplateIpsec.vpp_ah_protocol, index=0)
protocol=self.vpp_ah_protocol, index=0)
if __name__ == '__main__':