hipl-core team mailing list archive

Thread
Date

[Branch ~rene-hummen/hipl/ipsec_esp] Rev 4931: factored out update of IPsec SA and SP into own function

To: HIPL core team <hipl-core@xxxxxxxxxxxxxxxxxxx>
From: noreply@xxxxxxxxxxxxx
Date: Wed, 08 Sep 2010 17:04:25 -0000
Reply-to: noreply@xxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

------------------------------------------------------------
revno: 4931
committer: Rene Hummen <rene.hummen@xxxxxxxxxxxxxxxxx>
branch nick: ipsec_esp
timestamp: Wed 2010-09-08 19:01:14 +0200
message:
  factored out update of IPsec SA and SP into own function
modified:
  modules/update/hipd/update.c


--
lp:~rene-hummen/hipl/ipsec_esp
https://code.launchpad.net/~rene-hummen/hipl/ipsec_esp

Your team HIPL core team is subscribed to branch lp:~rene-hummen/hipl/ipsec_esp.
To unsubscribe from this branch go to https://code.launchpad.net/~rene-hummen/hipl/ipsec_esp/+edit-subscription

=== modified file 'modules/update/hipd/update.c'
--- modules/update/hipd/update.c	2010-09-03 11:56:17 +0000
+++ modules/update/hipd/update.c	2010-09-08 17:01:14 +0000
@@ -760,8 +760,6 @@
     esp_info = hip_get_param(received_update_packet, HIP_PARAM_ESP_INFO);
     ha->spi_outbound_new = ntohl(esp_info->new_spi);
 
-    hip_recreate_security_associations_and_sp(ha, src_addr, dst_addr);
-
     // Set active addresses
     ipv6_addr_copy(&ha->our_addr, src_addr);
     ipv6_addr_copy(&ha->peer_addr, dst_addr);
@@ -782,13 +780,26 @@
                                            struct in6_addr *src_addr,
                                            struct in6_addr *dst_addr)
 {
-    hip_recreate_security_associations_and_sp(ha, src_addr, dst_addr);
-
     // Set active addresses
     ipv6_addr_copy(&ha->our_addr, src_addr);
     ipv6_addr_copy(&ha->peer_addr, dst_addr);
 }
 
+static int hip_update_ipsec_sa(UNUSED const uint8_t packet_type,
+                               UNUSED const uint32_t ha_state,
+                               struct hip_packet_context *ctx)
+{
+    int err = 0;
+
+    HIP_IFEL(hip_recreate_security_associations_and_sp(ctx->hadb_entry,
+                                                       ctx->src_addr,
+                                                       ctx->dst_addr),
+             -1, "failed to update IPsec SAs and SPs\n");
+
+  out_err:
+    return err;
+}
+
 /**
  * Thin wrapper function around hip_send_locators_to_all_peers. Needed for
  * registration as user message handle function.
@@ -1149,6 +1160,11 @@
                                           30000),
              -1, "Error on registering UPDATE handle function.\n");
     HIP_IFEL(hip_register_handle_function(HIP_UPDATE,
+                                          HIP_STATE_ESTABLISHED,
+                                          &hip_update_ipsec_sa,
+                                          30500),
+                 -1, "Error on registering UPDATE handle function.\n");
+    HIP_IFEL(hip_register_handle_function(HIP_UPDATE,
                                           HIP_STATE_R2_SENT,
                                           &hip_update_check_packet,
                                           20000),
@@ -1158,6 +1174,11 @@
                                           &hip_update_handle_packet,
                                           30000),
              -1, "Error on registering UPDATE handle function.\n");
+    HIP_IFEL(hip_register_handle_function(HIP_UPDATE,
+                                          HIP_STATE_R2_SENT,
+                                          &hip_update_ipsec_sa,
+                                          30500),
+             -1, "Error on registering UPDATE handle function.\n");
 
     HIP_IFEL(hip_user_register_handle(HIP_MSG_MANUAL_UPDATE_PACKET,
                                       &hip_update_manual_update,