Type: fix
Currently, auth activation CLI command
"bfd upd session auth activate ... conf-key-id <cki> bfd-key-id <bki>"
allows to change both key-ids to new values at once.
But if only bfd-key-id should be corrected, e.g. as a result of mistyping,
we can't do that in a single operation, and have to deactivate auth first
and then reactivate it with a correctly entered pair of ids.
Currently, backend's bfd_auth_activate() function returns immediately,
with no action, if it finds that submitted conf-key-id matches the
current record. No check on bfd-key-id value is made.
With this fix, bfd_auth_activate() checks if session's bfd-key-id has to
be changed to a new value, and if so, it updates and logs appropriately.
Change-Id: I3b915a936cb1721707860bb503f70e7dd29e0ddd
Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
bfd_auth_key_t *key = pool_elt_at_index (bm->auth_keys, key_idx);
if (is_delayed)
{
bfd_auth_key_t *key = pool_elt_at_index (bm->auth_keys, key_idx);
if (is_delayed)
{
- if (bs->auth.next_key == key)
+ if (bs->auth.next_key == key && bs->auth.next_bfd_key_id == bfd_key_id)
{
/* already using this key, no changes required */
return 0;
}
{
/* already using this key, no changes required */
return 0;
}
- bs->auth.next_key = key;
+ if (bs->auth.next_key != key)
+ {
+ ++key->use_count;
+ bs->auth.next_key = key;
+ }
bs->auth.next_bfd_key_id = bfd_key_id;
bs->auth.is_delayed = 1;
}
else
{
bs->auth.next_bfd_key_id = bfd_key_id;
bs->auth.is_delayed = 1;
}
else
{
- if (bs->auth.curr_key == key)
+ if (bs->auth.curr_key == key && bs->auth.curr_bfd_key_id == bfd_key_id)
{
/* already using this key, no changes required */
return 0;
}
{
/* already using this key, no changes required */
return 0;
}
if (bs->auth.curr_key)
{
--bs->auth.curr_key->use_count;
if (bs->auth.curr_key)
{
--bs->auth.curr_key->use_count;
bs->auth.curr_bfd_key_id = bfd_key_id;
bs->auth.is_delayed = 0;
}
bs->auth.curr_bfd_key_id = bfd_key_id;
bs->auth.is_delayed = 0;
}
BFD_DBG ("\nSession auth modified: %U", format_bfd_session, bs);
vlib_log_info (bm->log_class, "session auth modified: %U",
format_bfd_session_brief, bs);
BFD_DBG ("\nSession auth modified: %U", format_bfd_session, bs);
vlib_log_info (bm->log_class, "session auth modified: %U",
format_bfd_session_brief, bs);