Add API call to set keys on IPsec tunnel intf There was already a CLI command and a libvnet function to set the keys on an existing IPsec tunnel interface. Expose this via the API. Change-Id: I226a9616f680fc022f04447177a2e8232690657f Signed-off-by: Matthew Smith <mgsmith@netgate.com>

commit: 75d856096f644837e0da9fda011f0c419fa9414e [log] [tgz]
author: Matthew Smith <mgsmith@netgate.com> Thu Oct 05 19:03:05 2017 -0500
committer: Damjan Marion <dmarion.lists@gmail.com> Sat Oct 14 09:11:52 2017 +0000
tree: daa2add2b1973f0f66379d2ccb63848c8fc43b40
parent: 054c03ac9c20a5e38121590b83f01fd91f82acf0 [diff] [blame]
diff --git a/src/vnet/ipsec/ipsec.api b/src/vnet/ipsec/ipsec.api
index 14d6c18..67c3336 100644
--- a/src/vnet/ipsec/ipsec.api
+++ b/src/vnet/ipsec/ipsec.api

@@ -615,6 +615,25 @@
   u64 total_data_size;
 };
 
+/** \brief Set key on IPsec interface
+    @param client_index - opaque cookie to identify the sender
+    @param context - sender context, to match reply w/ request
+    @param sw_if_index - index of tunnel interface
+    @param key_type - type of key being set
+    @param alg - algorithm used with key
+    @param key_len - length key in bytes
+    @param key - key
+*/
+autoreply define ipsec_tunnel_if_set_key {
+  u32 client_index;
+  u32 context;
+  u32 sw_if_index;
+  u8 key_type;
+  u8 alg;
+  u8 key_len;
+  u8 key[128];
+};
+
 /*
  * Local Variables:
  * eval: (c-set-style "gnu")
commit	75d856096f644837e0da9fda011f0c419fa9414e	[log] [tgz]
author	Matthew Smith <mgsmith@netgate.com>	Thu Oct 05 19:03:05 2017 -0500
committer	Damjan Marion <dmarion.lists@gmail.com>	Sat Oct 14 09:11:52 2017 +0000
tree	daa2add2b1973f0f66379d2ccb63848c8fc43b40
parent	054c03ac9c20a5e38121590b83f01fd91f82acf0 [diff] [blame]