diff options
| author |   Alexander Skorichenko <askorichenko@netgate.com> | 2021-10-15 16:04:44 +0000 |
|---|---|---|
| committer |   Matthew Smith <mgsmith@netgate.com> | 2021-10-19 14:50:35 +0000 |
| commit | 4c3c60daf7bccffc0f1fe59d8d09557bc62d00b0 (patch) | |
| tree | 2ff3dd0503e1b2923e28c452527957c5489f1243 /src/vnet/bfd | |
| parent | 0dfad21e88a5af3d429af5b429f7a7b5a9af7c04 (diff) | |
bfd: fix bfd_key_id update
Type: fix
Currently, auth activation CLI command
"bfd upd session auth activate ... conf-key-id <cki> bfd-key-id <bki>"
allows to change both key-ids to new values at once.
But if only bfd-key-id should be corrected, e.g. as a result of mistyping,
we can't do that in a single operation, and have to deactivate auth first
and then reactivate it with a correctly entered pair of ids.
Currently, backend's bfd_auth_activate() function returns immediately,
with no action, if it finds that submitted conf-key-id matches the
current record. No check on bfd-key-id value is made.
With this fix, bfd_auth_activate() checks if session's bfd-key-id has to
be changed to a new value, and if so, it updates and logs appropriately.
Change-Id: I3b915a936cb1721707860bb503f70e7dd29e0ddd
Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
Diffstat (limited to 'src/vnet/bfd')
| -rw-r--r-- | src/vnet/bfd/bfd_main.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/src/vnet/bfd/bfd_main.c b/src/vnet/bfd/bfd_main.c index b2bdd6cda70..27616db3deb 100644 --- a/src/vnet/bfd/bfd_main.c +++ b/src/vnet/bfd/bfd_main.c @@ -2022,22 +2022,27 @@ bfd_auth_activate (bfd_session_t * bs, u32 conf_key_id, bfd_auth_key_t *key = pool_elt_at_index (bm->auth_keys, key_idx); if (is_delayed) { - if (bs->auth.next_key == key) + if (bs->auth.next_key == key && bs->auth.next_bfd_key_id == bfd_key_id) { /* already using this key, no changes required */ return 0; } - bs->auth.next_key = key; + if (bs->auth.next_key != key) + { + ++key->use_count; + bs->auth.next_key = key; + } bs->auth.next_bfd_key_id = bfd_key_id; bs->auth.is_delayed = 1; } else { - if (bs->auth.curr_key == key) + if (bs->auth.curr_key == key && bs->auth.curr_bfd_key_id == bfd_key_id) { /* already using this key, no changes required */ return 0; } + ++key->use_count; if (bs->auth.curr_key) { --bs->auth.curr_key->use_count; @@ -2046,7 +2051,6 @@ bfd_auth_activate (bfd_session_t * bs, u32 conf_key_id, bs->auth.curr_bfd_key_id = bfd_key_id; bs->auth.is_delayed = 0; } - ++key->use_count; BFD_DBG ("\nSession auth modified: %U", format_bfd_session, bs); vlib_log_info (bm->log_class, "session auth modified: %U", format_bfd_session_brief, bs); |