hipl-core team mailing list archive
-
hipl-core team
-
Mailing list archive
-
Message #00164
[Branch ~rene-hummen/hipl/ipsec_esp] Rev 4931: factored out update of IPsec SA and SP into own function
------------------------------------------------------------
revno: 4931
committer: Rene Hummen <rene.hummen@xxxxxxxxxxxxxxxxx>
branch nick: ipsec_esp
timestamp: Wed 2010-09-08 19:01:14 +0200
message:
factored out update of IPsec SA and SP into own function
modified:
modules/update/hipd/update.c
--
lp:~rene-hummen/hipl/ipsec_esp
https://code.launchpad.net/~rene-hummen/hipl/ipsec_esp
Your team HIPL core team is subscribed to branch lp:~rene-hummen/hipl/ipsec_esp.
To unsubscribe from this branch go to https://code.launchpad.net/~rene-hummen/hipl/ipsec_esp/+edit-subscription
=== modified file 'modules/update/hipd/update.c'
--- modules/update/hipd/update.c 2010-09-03 11:56:17 +0000
+++ modules/update/hipd/update.c 2010-09-08 17:01:14 +0000
@@ -760,8 +760,6 @@
esp_info = hip_get_param(received_update_packet, HIP_PARAM_ESP_INFO);
ha->spi_outbound_new = ntohl(esp_info->new_spi);
- hip_recreate_security_associations_and_sp(ha, src_addr, dst_addr);
-
// Set active addresses
ipv6_addr_copy(&ha->our_addr, src_addr);
ipv6_addr_copy(&ha->peer_addr, dst_addr);
@@ -782,13 +780,26 @@
struct in6_addr *src_addr,
struct in6_addr *dst_addr)
{
- hip_recreate_security_associations_and_sp(ha, src_addr, dst_addr);
-
// Set active addresses
ipv6_addr_copy(&ha->our_addr, src_addr);
ipv6_addr_copy(&ha->peer_addr, dst_addr);
}
+static int hip_update_ipsec_sa(UNUSED const uint8_t packet_type,
+ UNUSED const uint32_t ha_state,
+ struct hip_packet_context *ctx)
+{
+ int err = 0;
+
+ HIP_IFEL(hip_recreate_security_associations_and_sp(ctx->hadb_entry,
+ ctx->src_addr,
+ ctx->dst_addr),
+ -1, "failed to update IPsec SAs and SPs\n");
+
+ out_err:
+ return err;
+}
+
/**
* Thin wrapper function around hip_send_locators_to_all_peers. Needed for
* registration as user message handle function.
@@ -1149,6 +1160,11 @@
30000),
-1, "Error on registering UPDATE handle function.\n");
HIP_IFEL(hip_register_handle_function(HIP_UPDATE,
+ HIP_STATE_ESTABLISHED,
+ &hip_update_ipsec_sa,
+ 30500),
+ -1, "Error on registering UPDATE handle function.\n");
+ HIP_IFEL(hip_register_handle_function(HIP_UPDATE,
HIP_STATE_R2_SENT,
&hip_update_check_packet,
20000),
@@ -1158,6 +1174,11 @@
&hip_update_handle_packet,
30000),
-1, "Error on registering UPDATE handle function.\n");
+ HIP_IFEL(hip_register_handle_function(HIP_UPDATE,
+ HIP_STATE_R2_SENT,
+ &hip_update_ipsec_sa,
+ 30500),
+ -1, "Error on registering UPDATE handle function.\n");
HIP_IFEL(hip_user_register_handle(HIP_MSG_MANUAL_UPDATE_PACKET,
&hip_update_manual_update,