Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / netd / da54f121d3ee5cb9094bdfd4fca46e9085a7d49b^! / . / server / XfrmControllerTest.cpp
commitda54f121d3ee5cb9094bdfd4fca46e9085a7d49b[log] [tgz]
authorNathan Harold <nharold@google.com>Tue Jan 09 16:42:57 2018 -0800
committerNathan Harold <nharold@google.com>Tue Jan 16 11:18:47 2018 -0800
tree66a6a6ad2e8a86fd05e96f1b05970da511a2223b
parentd7dd1d3af4ebac422303370301f1d98c9a84a8ae [diff] [blame]
Make Transforms Unidirectional

Convert the IpSecTransform from being a bi-directional
pair of SAs to a unidirectional single SA. This CL
also removes the concept of "direction from SAs meaning
that a IpSecTransform may now be applied to a socket
in either direction.

-Remove direction parameter from SAs and SPIs.
-Convert to using source and destination rather than
 local and remote addresses.

Bug: 71717213
Test: CTS - IpSecManagerTest
Change-Id: I7150c2b03057e18a7d9d3edff302baf10e1ee729

diff --git a/server/XfrmControllerTest.cpp b/server/XfrmControllerTest.cpp
index a588cc5..184aeac 100644
--- a/server/XfrmControllerTest.cpp
+++ b/server/XfrmControllerTest.cpp

@@ -239,8 +239,8 @@
 
     XfrmController ctrl;
     int outSpi = 0;
-    Status res = ctrl.ipSecAllocateSpi(1 /* resourceId */, static_cast<int>(XfrmDirection::OUT),
-                                       localAddr, remoteAddr, DROID_SPI, &outSpi);
+    Status res = ctrl.ipSecAllocateSpi(1 /* resourceId */, localAddr,
+                                       remoteAddr, DROID_SPI, &outSpi);
 
     EXPECT_TRUE(isOk(res)) << res;
     EXPECT_EQ(DROID_SPI, outSpi);
@@ -287,11 +287,11 @@
 
     XfrmController ctrl;
     Status res = ctrl.ipSecAddSecurityAssociation(
-        1 /* resourceId */, static_cast<int>(mode),
-        static_cast<int>(XfrmDirection::OUT), localAddr, remoteAddr, 0 /* underlying network */,
-        DROID_SPI, "hmac(sha256)" /* auth algo */, authKey, 128 /* auth trunc length */,
-        "cbc(aes)" /* encryption algo */, cryptKey, 0 /* crypt trunc length? */, "" /* AEAD algo */,
-        {}, 0, static_cast<int>(XfrmEncapType::NONE), 0 /* local port */, 0 /* remote port */);
+        1 /* resourceId */, static_cast<int>(mode), localAddr, remoteAddr,
+        0 /* underlying network */, DROID_SPI, "hmac(sha256)" /* auth algo */,
+        authKey, 128 /* auth trunc length */, "cbc(aes)" /* encryption algo */, cryptKey,
+        0 /* crypt trunc length? */, "" /* AEAD algo */, {}, 0,
+        static_cast<int>(XfrmEncapType::NONE), 0 /* local port */, 0 /* remote port */);
 
     EXPECT_TRUE(isOk(res)) << res;
     EXPECT_EQ(expectedMsgLength, nlMsgBuf.size());
@@ -370,7 +370,7 @@
 
     XfrmController ctrl;
     Status res = ctrl.ipSecAddSecurityAssociation(
-        1, static_cast<int>(XfrmMode::TRANSPORT), static_cast<int>(XfrmDirection::OUT),
+        1, static_cast<int>(XfrmMode::TRANSPORT),
         LOCALHOST_V6, TEST_ADDR_V6, 0, DROID_SPI, "hmac(sha256)", {}, 128, "cbc(aes)",
         {}, 0, "", {}, 0, static_cast<int>(XfrmEncapType::ESPINUDP_NON_IKE), 0, 0);
 
@@ -455,7 +455,7 @@
 
     XfrmController ctrl;
     Status res = ctrl.ipSecDeleteSecurityAssociation(
-        1 /* resourceId */, static_cast<int>(XfrmDirection::OUT), localAddr, remoteAddr, DROID_SPI);
+        1 /* resourceId */, localAddr, remoteAddr, DROID_SPI);
 
     EXPECT_TRUE(isOk(res)) << res;
     EXPECT_EQ(expectedMsgLength, nlMsgBuf.size());