0
0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2024-11-13 22:58:42 +00:00

reconfigure not work

This commit is contained in:
Katerina Kubecova 2024-02-26 17:07:20 +01:00
parent 85ce22eb0b
commit c62df70ac7
2 changed files with 18 additions and 2 deletions

View File

@ -223,6 +223,14 @@ bgp_close(struct bgp_proto *p)
ASSERT(bs && bs->uc); ASSERT(bs && bs->uc);
log("in bgp close");
struct ao_key *key = bs->sk->ao_key;
while (key)
{
log("delete %i", key->local_id);
ao_delete_key(bs->sk, p->remote_ip, -1, bs->sk->iface, key->local_id, key->remote_id);
key = key->next_key;
}
if (--bs->uc) if (--bs->uc)
return; return;
@ -2196,7 +2204,7 @@ int reconfigure_tcp_ao(struct bgp_proto old_proto, struct bgp_config new)
if(compare_aos(ao_key, old_aos[ao_key->local_id])) if(compare_aos(ao_key, old_aos[ao_key->local_id]))
{ {
struct ao_key *o = old_aos[ao_key->local_id]; struct ao_key *o = old_aos[ao_key->local_id];
log("%i %i (master %i) %i %i %s %s %s %s", ao_key->local_id, o->local_id, key_in_use, ao_key->remote_id, o->remote_id, ao_key->cipher, o->cipher, ao_key->master_key, o->master_key); log("%i %i (master %i %i) remotes %i %i %s %s %s %s", ao_key->local_id, o->local_id, key_in_use, key_in_use_rem, ao_key->remote_id, o->remote_id, ao_key->cipher, o->cipher, ao_key->master_key, o->master_key);
if (ao_key->local_id == key_in_use) if (ao_key->local_id == key_in_use)
{ {
cf_warn("TCP AO reconfiguration: Currently used master key (%i) part update. This is not allowed.", ao_key->local_id); cf_warn("TCP AO reconfiguration: Currently used master key (%i) part update. This is not allowed.", ao_key->local_id);
@ -2215,7 +2223,14 @@ int reconfigure_tcp_ao(struct bgp_proto old_proto, struct bgp_config new)
else else
{ {
if (old_rem_id[ao_key->remote_id]) if (old_rem_id[ao_key->remote_id])
{
if (ao_key->remote_id == key_in_use_rem)
{
cf_warn("TCP AO reconfiguration: Currently used master key (%i %i) part update. This is not allowed.", ao_key->local_id, ao_key->remote_id);
return 0;
}
cf_warn("TCP AO reconfiguration: Reusing remote id %i with new local id %i. This might break your connection.", ao_key->remote_id, ao_key->local_id); cf_warn("TCP AO reconfiguration: Reusing remote id %i with new local id %i. This might break your connection.", ao_key->remote_id, ao_key->local_id);
}
sk_set_ao_auth(s_activ, old_proto.local_ip, old_proto.remote_ip, -1, s_activ->iface, ao_key->master_key, ao_key->local_id, ao_key->remote_id, ao_key->cipher, ao_key->required == 1); sk_set_ao_auth(s_activ, old_proto.local_ip, old_proto.remote_ip, -1, s_activ->iface, ao_key->master_key, ao_key->local_id, ao_key->remote_id, ao_key->cipher, ao_key->required == 1);
sk_set_ao_auth(s_passiv, old_proto.local_ip, old_proto.remote_ip, -1, s_passiv->iface, ao_key->master_key, ao_key->local_id, ao_key->remote_id, ao_key->cipher, 0); sk_set_ao_auth(s_passiv, old_proto.local_ip, old_proto.remote_ip, -1, s_passiv->iface, ao_key->master_key, ao_key->local_id, ao_key->remote_id, ao_key->cipher, 0);
} }

View File

@ -3442,7 +3442,8 @@ bgp_rx(sock *sk, uint size)
log("fd %i sk %i key %i", sk->fd, sk, sk->ao_key); log("fd %i sk %i key %i", sk->fd, sk, sk->ao_key);
} }
} }
else
log("no ao");
byte *pkt_start = sk->rbuf; byte *pkt_start = sk->rbuf;
byte *end = pkt_start + size; byte *end = pkt_start + size;
uint i, len; uint i, len;