diff options
| author | Gaurav Goyal <gaurav.goyal@4rf.com> | 2021-02-04 04:08:08 +0100 |
|---|---|---|
| committer | Reuben Dowle <reuben.dowle@4rf.com> | 2021-03-17 05:03:47 +0100 |
| commit | 58ef1668ae45613dae36ca2e11a717236a3e4399 (patch) | |
| tree | 9e1def5a14b9643c30335803757442be2ad5243b /nhrpd | |
| parent | nhrpd: Make comments clearer, fix style issues (diff) | |
| download | frr-58ef1668ae45613dae36ca2e11a717236a3e4399.tar.xz frr-58ef1668ae45613dae36ca2e11a717236a3e4399.zip | |
nhrpd: When IPsec profile is added or deleted, reset the vc and re-check peer
Signed-off-by: Reuben Dowle <reuben.dowle@4rf.com>
Diffstat (limited to 'nhrpd')
| -rw-r--r-- | nhrpd/nhrp_interface.c | 4 | ||||
| -rw-r--r-- | nhrpd/nhrp_peer.c | 4 | ||||
| -rw-r--r-- | nhrpd/nhrpd.h | 1 | ||||
| -rw-r--r-- | nhrpd/vici.c | 2 |
4 files changed, 10 insertions, 1 deletions
diff --git a/nhrpd/nhrp_interface.c b/nhrpd/nhrp_interface.c index 9f531cf6b..b348cc0de 100644 --- a/nhrpd/nhrp_interface.c +++ b/nhrpd/nhrp_interface.c @@ -466,18 +466,20 @@ void nhrp_interface_set_protection(struct interface *ifp, const char *profile, if (nifp->ipsec_profile) { vici_terminate_vc_by_profile_name(nifp->ipsec_profile); + nhrp_vc_reset(); free(nifp->ipsec_profile); } nifp->ipsec_profile = profile ? strdup(profile) : NULL; if (nifp->ipsec_fallback_profile) { vici_terminate_vc_by_profile_name(nifp->ipsec_fallback_profile); + nhrp_vc_reset(); free(nifp->ipsec_fallback_profile); } nifp->ipsec_fallback_profile = fallback_profile ? strdup(fallback_profile) : NULL; - notifier_call(&nifp->notifier_list, NOTIFY_INTERFACE_ADDRESS_CHANGED); + notifier_call(&nifp->notifier_list, NOTIFY_INTERFACE_IPSEC_CHANGED); } void nhrp_interface_set_source(struct interface *ifp, const char *ifname) diff --git a/nhrpd/nhrp_peer.c b/nhrpd/nhrp_peer.c index 5e9929ade..0d589e305 100644 --- a/nhrpd/nhrp_peer.c +++ b/nhrpd/nhrp_peer.c @@ -147,6 +147,10 @@ static void nhrp_peer_ifp_notify(struct notifier_block *n, unsigned long cmd) case NOTIFY_INTERFACE_ADDRESS_CHANGED: notifier_call(&p->notifier_list, NOTIFY_PEER_IFCONFIG_CHANGED); break; + case NOTIFY_INTERFACE_IPSEC_CHANGED: + __nhrp_peer_check(p); + notifier_call(&p->notifier_list, NOTIFY_PEER_IFCONFIG_CHANGED); + break; case NOTIFY_INTERFACE_MTU_CHANGED: notifier_call(&p->notifier_list, NOTIFY_PEER_MTU_CHANGED); break; diff --git a/nhrpd/nhrpd.h b/nhrpd/nhrpd.h index 66ca1eabf..365546315 100644 --- a/nhrpd/nhrpd.h +++ b/nhrpd/nhrpd.h @@ -105,6 +105,7 @@ enum nhrp_notify_type { NOTIFY_INTERFACE_ADDRESS_CHANGED, NOTIFY_INTERFACE_NBMA_CHANGED, NOTIFY_INTERFACE_MTU_CHANGED, + NOTIFY_INTERFACE_IPSEC_CHANGED, NOTIFY_VC_IPSEC_CHANGED, NOTIFY_VC_IPSEC_UPDATE_NBMA, diff --git a/nhrpd/vici.c b/nhrpd/vici.c index fc51fe236..9b117ddf0 100644 --- a/nhrpd/vici.c +++ b/nhrpd/vici.c @@ -526,6 +526,7 @@ void vici_terminate_vc_by_profile_name(char *profile_name) { struct vici_conn *vici = &vici_connection; + debugf(NHRP_DEBUG_VICI, "Terminate profile = %s", profile_name); vici_submit_request(vici, "terminate", VICI_KEY_VALUE, "ike", strlen(profile_name), profile_name, VICI_END); } @@ -536,6 +537,7 @@ void vici_terminate_vc_by_ike_id(unsigned int ike_id) char ike_id_str[10]; snprintf(ike_id_str, sizeof(ike_id_str), "%d", ike_id); + debugf(NHRP_DEBUG_VICI, "Terminate ike_id_str = %s", ike_id_str); vici_submit_request(vici, "terminate", VICI_KEY_VALUE, "ike-id", strlen(ike_id_str), ike_id_str, VICI_END); } |