descriptor

package
v2.5.1+incompatible
Published: Dec 6, 2019 License: Apache-2.0 Imports: 16 Imported by: 9

Documentation

Constants

const (
	// IPSecSPDDescriptorName is the name of the descriptor for VPP IPSec SPD
	// configurations.
	IPSecSPDDescriptorName = "vpp-ipsec-spd"
)
const (
	// SADescriptorName is the name of the descriptor for VPP security associations.
	SADescriptorName = "vpp-ipsec-sa"
)
const (
	// SPDInterfaceDescriptorName is the name of the descriptor for bindings between
	// VPP IPSec security policy database and interfaces.
	SPDInterfaceDescriptorName = "vpp-spd-interface"
)
const (
	// SPDPolicyDescriptorName is the name of the descriptor for bindings between
	// VPP IPSec security policy database and policy database (security association).
	SPDPolicyDescriptorName = "vpp-spd-policy"
)

Variables

var (
	// ErrSAWithoutIndex is returned when VPP security association was defined
	// without index.
	ErrSAWithoutIndex = errors.New("VPP security association defined without index")

	// ErrSAInvalidIndex is returned when VPP security association was defined
	// with non-numerical index.
	ErrSAInvalidIndex = errors.New("VPP security association defined with invalid index")
)

A list of non-retriable errors:

var (
	// ErrIPSecSPDWithoutIndex is returned when VPP security policy database
	// configuration was defined without index.
	ErrIPSecSPDWithoutIndex = errors.New("VPP IPSec security policy database defined without index")

	// ErrIPSecSPDInvalidIndex is returned when VPP security policy database
	// configuration was defined with non-numerical index.
	ErrIPSecSPDInvalidIndex = errors.New("VPP IPSec security policy database defined with invalid index")

	// ErrSPDWithoutSA is returned when VPP security policy entry has undefined
	// security association attribute.
	ErrSPDWithoutSA = errors.New("VPP SPD policy entry defined without security association name")
)

A list of non-retriable errors:

Functions

This section is empty.

Types

type IPSecSADescriptor

type IPSecSADescriptor struct {
	// contains filtered or unexported fields
}

IPSecSADescriptor teaches KVScheduler how to configure VPP IPSec security associations.

func NewIPSecSADescriptor

func NewIPSecSADescriptor(ipSecHandler vppcalls.IPSecVppAPI, log logging.PluginLogger) *IPSecSADescriptor

NewIPSecSADescriptor creates a new instance of the IPSec SA descriptor.

func (*IPSecSADescriptor) Create

func (d *IPSecSADescriptor) Create(key string, sa *ipsec.SecurityAssociation) (metadata interface{}, err error)

Create adds a new security association pair.

func (*IPSecSADescriptor) Delete

func (d *IPSecSADescriptor) Delete(key string, sa *ipsec.SecurityAssociation, metadata interface{}) error

Delete removes VPP security association.

func (*IPSecSADescriptor) EquivalentIPSecSAs

func (d *IPSecSADescriptor) EquivalentIPSecSAs(key string, oldSA, newSA *ipsec.SecurityAssociation) bool

EquivalentIPSecSAs is a case-insensitive comparison function for ipsec.SecurityAssociation.

func (*IPSecSADescriptor) GetDescriptor

func (d *IPSecSADescriptor) GetDescriptor() *adapter.SADescriptor

GetDescriptor returns a descriptor suitable for registration (via adapter) with the KVScheduler.

func (*IPSecSADescriptor) Retrieve

func (d *IPSecSADescriptor) Retrieve(correlate []adapter.SAKVWithMetadata) (dump []adapter.SAKVWithMetadata, err error)

Retrieve returns all configured VPP security associations.

func (*IPSecSADescriptor) Validate

func (d *IPSecSADescriptor) Validate(key string, sa *ipsec.SecurityAssociation) error

Validate validates VPP security association configuration.

type IPSecSPDDescriptor

type IPSecSPDDescriptor struct {
	// contains filtered or unexported fields
}

IPSecSPDDescriptor teaches KVScheduler how to configure IPSec SPD in VPP.

func NewIPSecSPDDescriptor

func NewIPSecSPDDescriptor(ipSecHandler vppcalls.IPSecVppAPI, log logging.PluginLogger) *IPSecSPDDescriptor

NewIPSecSPDDescriptor creates a new instance of the IPSec SPD descriptor.

func (*IPSecSPDDescriptor) Create

func (d *IPSecSPDDescriptor) Create(key string, spd *ipsec.SecurityPolicyDatabase) (metadata *idxvpp.OnlyIndex, err error)

Create adds a new IPSec security policy database.

func (*IPSecSPDDescriptor) Delete

Delete removes VPP IPSec security policy database.

func (*IPSecSPDDescriptor) DerivedValues

func (d *IPSecSPDDescriptor) DerivedValues(key string, spd *ipsec.SecurityPolicyDatabase) (derValues []kvs.KeyValuePair)

DerivedValues derives ipsec.SecurityPolicyDatabase_Interface for every interface assigned to the SPD and ipsec.SecurityPolicyDatabase_PolicyEntry for every policy entry assigned to the SPD.

func (*IPSecSPDDescriptor) EquivalentIPSecSPDs

func (d *IPSecSPDDescriptor) EquivalentIPSecSPDs(key string, oldSPD, newSPD *ipsec.SecurityPolicyDatabase) bool

EquivalentIPSecSPDs is a case-insensitive comparison function for ipsec.SecurityPolicyDatabase that also ignores the order of assigned interfaces and/or policy entries.

func (*IPSecSPDDescriptor) GetDescriptor

func (d *IPSecSPDDescriptor) GetDescriptor() *adapter.SPDDescriptor

GetDescriptor returns a descriptor suitable for registration (via adapter) with the KVScheduler.

func (*IPSecSPDDescriptor) MetadataFactory

func (d *IPSecSPDDescriptor) MetadataFactory() idxmap.NamedMappingRW

MetadataFactory is a factory for index-map customized for VPP security policy databases.

func (*IPSecSPDDescriptor) Retrieve

func (d *IPSecSPDDescriptor) Retrieve(correlate []adapter.SPDKVWithMetadata) (dump []adapter.SPDKVWithMetadata, err error)

Retrieve returns all configured VPP security policy databases.

func (*IPSecSPDDescriptor) Validate

Validate validates VPP IPSec security policy database configuration.

type SPDInterfaceDescriptor

type SPDInterfaceDescriptor struct {
	// contains filtered or unexported fields
}

SPDInterfaceDescriptor teaches KVScheduler how to put an interface into a VPP security policy database.

func NewSPDInterfaceDescriptor

func NewSPDInterfaceDescriptor(ipSecHandler vppcalls.IPSecVppAPI, log logging.PluginLogger) *SPDInterfaceDescriptor

NewSPDInterfaceDescriptor creates a new instance of the SPDInterface descriptor.

func (*SPDInterfaceDescriptor) Create

func (d *SPDInterfaceDescriptor) Create(key string, spdIf *ipsec.SecurityPolicyDatabase_Interface) (metadata interface{}, err error)

Create puts the interface into the security policy database.

func (*SPDInterfaceDescriptor) Delete

func (d *SPDInterfaceDescriptor) Delete(key string, spdIf *ipsec.SecurityPolicyDatabase_Interface, metadata interface{}) (err error)

Delete removes the interface from the security policy database.

func (*SPDInterfaceDescriptor) Dependencies

Dependencies lists the interface as the only dependency for the binding.

func (*SPDInterfaceDescriptor) GetDescriptor

GetDescriptor returns a descriptor suitable for registration (via adapter) with the KVScheduler.

func (*SPDInterfaceDescriptor) IsSPDInterfaceKey

func (d *SPDInterfaceDescriptor) IsSPDInterfaceKey(key string) bool

IsSPDInterfaceKey returns true if the key identifies a binding between a VPP security policy database and an interface.

type SPDPolicyDescriptor

type SPDPolicyDescriptor struct {
	// contains filtered or unexported fields
}

SPDPolicyDescriptor teaches KVScheduler how to put a policy database into a VPP security policy database.

func NewSPDPolicyDescriptor

func NewSPDPolicyDescriptor(ipSecHandler vppcalls.IPSecVppAPI, log logging.PluginLogger) *SPDPolicyDescriptor

NewSPDPolicyDescriptor creates a new instance of the SPDPolicy descriptor.

func (*SPDPolicyDescriptor) Create

func (d *SPDPolicyDescriptor) Create(key string, policy *ipsec.SecurityPolicyDatabase_PolicyEntry) (metadata interface{}, err error)

Create puts the policy into the security policy database.

func (*SPDPolicyDescriptor) Delete

func (d *SPDPolicyDescriptor) Delete(key string, policy *ipsec.SecurityPolicyDatabase_PolicyEntry, metadata interface{}) (err error)

Delete removes the policy from the security policy database.

func (*SPDPolicyDescriptor) Dependencies

Dependencies lists the security association as the only dependency for the binding.

func (*SPDPolicyDescriptor) GetDescriptor

func (d *SPDPolicyDescriptor) GetDescriptor() *adapter.SPDPolicyDescriptor

GetDescriptor returns a descriptor suitable for registration (via adapter) with the KVScheduler.

func (*SPDPolicyDescriptor) IsSPDPolicyKey

func (d *SPDPolicyDescriptor) IsSPDPolicyKey(key string) bool

IsSPDPolicyKey returns true if the key identifies a binding between a VPP security policy database and a security association within a policy.
