aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorAlexander Skorichenko <askorichenko@netgate.com>2021-10-15 16:04:44 +0000
committerMatthew Smith <mgsmith@netgate.com>2021-10-19 14:50:35 +0000
commit4c3c60daf7bccffc0f1fe59d8d09557bc62d00b0 (patch)
tree2ff3dd0503e1b2923e28c452527957c5489f1243 /src
parent0dfad21e88a5af3d429af5b429f7a7b5a9af7c04 (diff)
bfd: fix bfd_key_id update
Type: fix Currently, auth activation CLI command "bfd upd session auth activate ... conf-key-id <cki> bfd-key-id <bki>" allows to change both key-ids to new values at once. But if only bfd-key-id should be corrected, e.g. as a result of mistyping, we can't do that in a single operation, and have to deactivate auth first and then reactivate it with a correctly entered pair of ids. Currently, backend's bfd_auth_activate() function returns immediately, with no action, if it finds that submitted conf-key-id matches the current record. No check on bfd-key-id value is made. With this fix, bfd_auth_activate() checks if session's bfd-key-id has to be changed to a new value, and if so, it updates and logs appropriately. Change-Id: I3b915a936cb1721707860bb503f70e7dd29e0ddd Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
Diffstat (limited to 'src')
-rw-r--r--src/vnet/bfd/bfd_main.c12
1 files changed, 8 insertions, 4 deletions
diff --git a/src/vnet/bfd/bfd_main.c b/src/vnet/bfd/bfd_main.c
index b2bdd6cda70..27616db3deb 100644
--- a/src/vnet/bfd/bfd_main.c
+++ b/src/vnet/bfd/bfd_main.c
@@ -2022,22 +2022,27 @@ bfd_auth_activate (bfd_session_t * bs, u32 conf_key_id,
bfd_auth_key_t *key = pool_elt_at_index (bm->auth_keys, key_idx);
if (is_delayed)
{
- if (bs->auth.next_key == key)
+ if (bs->auth.next_key == key && bs->auth.next_bfd_key_id == bfd_key_id)
{
/* already using this key, no changes required */
return 0;
}
- bs->auth.next_key = key;
+ if (bs->auth.next_key != key)
+ {
+ ++key->use_count;
+ bs->auth.next_key = key;
+ }
bs->auth.next_bfd_key_id = bfd_key_id;
bs->auth.is_delayed = 1;
}
else
{
- if (bs->auth.curr_key == key)
+ if (bs->auth.curr_key == key && bs->auth.curr_bfd_key_id == bfd_key_id)
{
/* already using this key, no changes required */
return 0;
}
+ ++key->use_count;
if (bs->auth.curr_key)
{
--bs->auth.curr_key->use_count;
@@ -2046,7 +2051,6 @@ bfd_auth_activate (bfd_session_t * bs, u32 conf_key_id,
bs->auth.curr_bfd_key_id = bfd_key_id;
bs->auth.is_delayed = 0;
}
- ++key->use_count;
BFD_DBG ("\nSession auth modified: %U", format_bfd_session, bs);
vlib_log_info (bm->log_class, "session auth modified: %U",
format_bfd_session_brief, bs);