-Use 'router_key' naming instead of bgpsec once the certificates had been validated and are stored at base or deltas.
-Use char arrays instead of pointers at SK (subject key) info, the DB hash table was detecting every validation run as an update for BGPsec certificates (pointers to sk_info's were always distinct).
-Remove structure 'sk_info' and its related functions, now its data is set at 'router_key' struct.
-Allow to receive larger error pdu messages. The maximum allowed length for PDUs received is 512 bytes, but the error messages couldn't be larger than 40 bytes (aprox).
-Add Router Key PDU constant length.
-Avoid needless comparisons at SLURM filters.
return pr_err("BGPsec certificate is not allowed for ASN %lu.",
asn);
- return vhandler_handle_bgpsec(params->ski, asn, params->spk);
+ return vhandler_handle_router_key(params->ski, asn, params->spk);
}
int
#include "object/router_key.h"
#include <string.h>
-#include "log.h"
-struct sk_info {
- unsigned char *ski;
- /* Lengths are constant (see RK_SKI_LEN, RK_SPKI_LEN) */
- unsigned char *spk;
- unsigned int references;
-};
-
-static int
-uchar_create(unsigned char **result, size_t size)
-{
- unsigned char *tmp;
-
- tmp = malloc(size + 1);
- if (tmp == NULL)
- return pr_enomem();
-
- *result = tmp;
- return 0;
-}
-
-int
+void
router_key_init(struct router_key *key, unsigned char const *ski,
uint32_t as, unsigned char const *spk)
{
- struct sk_info *sk;
- int error;
-
- sk = malloc(sizeof(struct sk_info));
- if (sk == NULL)
- return pr_enomem();
-
- error = uchar_create(&sk->ski, RK_SKI_LEN);
- if (error) {
- free(sk);
- return pr_enomem();
- }
-
- error = uchar_create(&sk->spk, RK_SPKI_LEN);
- if (error) {
- free(sk->ski);
- free(sk);
- return pr_enomem();
- }
-
- memcpy(sk->ski, ski, RK_SKI_LEN);
- sk->ski[RK_SKI_LEN] = '\0';
- memcpy(sk->spk, spk, RK_SPKI_LEN);
- sk->spk[RK_SPKI_LEN] = '\0';
- sk->references = 1;
-
+ memcpy(key->ski, ski, RK_SKI_LEN);
+ memcpy(key->spk, spk, RK_SPKI_LEN);
key->as = as;
- key->sk = sk;
-
- return 0;
-}
-
-void
-router_key_cleanup(struct router_key *key)
-{
- sk_info_refput(key->sk);
-}
-
-void
-sk_info_refget(struct sk_info *sk)
-{
- sk->references++;
-}
-
-void
-sk_info_refput(struct sk_info *sk)
-{
- sk->references--;
- if (sk->references == 0) {
- free(sk->ski);
- free(sk->spk);
- free(sk);
- }
-}
-
-unsigned char *
-sk_info_get_ski(struct sk_info *sk)
-{
- return sk->ski;
-}
-
-unsigned char *
-sk_info_get_spk(struct sk_info *sk)
-{
- return sk->spk;
}
*/
#define RK_SPKI_LEN 91
-/*
- * Subject key info with ref counter, use getters to fetch its data
- */
-struct sk_info;
-
/*
* Router Key representation
*/
struct router_key {
+ /* Lengths are constant (see RK_SKI_LEN, RK_SPKI_LEN) */
+ unsigned char ski[RK_SKI_LEN];
uint32_t as;
- struct sk_info *sk;
+ unsigned char spk[RK_SPKI_LEN];
};
-int router_key_init(struct router_key *, unsigned char const *, uint32_t,
+void router_key_init(struct router_key *, unsigned char const *, uint32_t,
unsigned char const *);
-void router_key_cleanup(struct router_key *);
-
-void sk_info_refget(struct sk_info *);
-void sk_info_refput(struct sk_info *);
-
-unsigned char *sk_info_get_ski(struct sk_info *);
-unsigned char *sk_info_get_spk(struct sk_info *);
#endif /* SRC_OBJECT_ROUTER_KEY_H_ */
}
static int
-print_to_hex(unsigned char *data, size_t len, char **out)
+print_to_hex(unsigned char const *data, size_t len, char **out)
{
char *tmp;
char *init;
char *buf2;
int error;
- error = print_to_hex(sk_info_get_ski(key->sk), RK_SKI_LEN, &buf1);
+ error = print_to_hex(key->ski, RK_SKI_LEN, &buf1);
if (error)
return error;
- error = print_to_hex(sk_info_get_spk(key->sk),RK_SPKI_LEN, &buf2);
+ error = print_to_hex(key->spk, RK_SPKI_LEN, &buf2);
if (error)
return error;
fprintf(out, "AS%u,%s,%s\n", key->as, buf1, buf2);
HASH_ITER(hh, table->router_keys, node_key, tmp_key) {
HASH_DEL(table->router_keys, node_key);
- router_key_cleanup(&node_key->data);
free(node_key);
}
HASH_REPLACE(hh, table->router_keys, data, sizeof(new->data), new, old);
if (errno)
return -pr_errno(errno, "Router Key couldn't be added to hash table");
- if (old != NULL) {
- router_key_cleanup(&old->data);
+ if (old != NULL)
free(old);
- }
return 0;
}
static int
duplicate_key(struct db_table *dst, struct hashable_key *new)
{
- struct sk_info *sk = new->data.sk;
-
- return rtrhandler_handle_router_key(dst, sk_info_get_ski(sk),
- new->data.as, sk_info_get_spk(sk));
+ return rtrhandler_handle_router_key(dst, new->data.ski, new->data.as,
+ new->data.spk);
}
#define MERGE_ITER(table_prop, name, err_var) \
HASH_FIND(hh, table->router_keys, del, sizeof(*del), ptr);
if (ptr != NULL) {
HASH_DELETE(hh, table->router_keys, ptr);
- router_key_cleanup(&ptr->data);
free(ptr);
}
}
/* Needed by uthash */
memset(key, 0, sizeof(struct hashable_key));
- error = router_key_init(&key->data, ski, as, spk);
- if (error) {
- free(key);
- return error;
- }
+ router_key_init(&key->data, ski, as, spk);
error = add_router_key(table, key);
- if (error) {
- router_key_cleanup(&key->data);
+ if (error)
free(key);
- }
+
return error;
}
static int
add_router_key_delta(struct deltas *deltas, struct hashable_key *key, int op)
{
- return deltas_add_bgpsec(deltas, &key->data, op);
+ return deltas_add_router_key(deltas, &key->data, op);
}
/*
uint8_t max_length;
};
-struct delta_bsec {
- uint32_t as;
- struct sk_info *sk;
+struct delta_rk {
+ unsigned char ski[RK_SKI_LEN];
+ uint32_t as;
+ unsigned char spk[RK_SPKI_LEN];
};
ARRAY_LIST(deltas_v6, struct delta_v6)
ARRAY_LIST(deltas_v4, struct delta_v4)
-ARRAY_LIST(deltas_bgpsec, struct delta_bsec)
+ARRAY_LIST(deltas_rk, struct delta_rk)
struct deltas {
struct {
struct deltas_v6 removes;
} v6;
struct {
- struct deltas_bgpsec adds;
- struct deltas_bgpsec removes;
- } bgpsec;
+ struct deltas_rk adds;
+ struct deltas_rk removes;
+ } rk;
atomic_uint references;
};
-static void
-delta_bsec_cleanup(struct delta_bsec *bsec)
-{
- sk_info_refput(bsec->sk);
-}
-
int
deltas_create(struct deltas **_result)
{
deltas_v4_init(&result->v4.removes);
deltas_v6_init(&result->v6.adds);
deltas_v6_init(&result->v6.removes);
- deltas_bgpsec_init(&result->bgpsec.adds);
- deltas_bgpsec_init(&result->bgpsec.removes);
+ deltas_rk_init(&result->rk.adds);
+ deltas_rk_init(&result->rk.removes);
atomic_init(&result->references, 1);
*_result = result;
deltas_v4_cleanup(&deltas->v4.removes, NULL);
deltas_v6_cleanup(&deltas->v6.adds, NULL);
deltas_v6_cleanup(&deltas->v6.removes, NULL);
- deltas_bgpsec_cleanup(&deltas->bgpsec.adds, delta_bsec_cleanup);
- deltas_bgpsec_cleanup(&deltas->bgpsec.removes,
- delta_bsec_cleanup);
+ deltas_rk_cleanup(&deltas->rk.adds, NULL);
+ deltas_rk_cleanup(&deltas->rk.removes, NULL);
free(deltas);
}
}
}
int
-deltas_add_bgpsec(struct deltas *deltas, struct router_key *key, int op)
+deltas_add_router_key(struct deltas *deltas, struct router_key *key, int op)
{
- struct delta_bsec delta = {
+ struct delta_rk delta = {
.as = key->as,
- .sk = key->sk,
};
- sk_info_refget(key->sk);
+ memcpy(delta.ski, key->ski, RK_SKI_LEN);
+ memcpy(delta.spk, key->spk, RK_SPKI_LEN);
switch (op) {
case FLAG_ANNOUNCEMENT:
- return deltas_bgpsec_add(&deltas->bgpsec.adds, &delta);
+ return deltas_rk_add(&deltas->rk.adds, &delta);
case FLAG_WITHDRAWAL:
- return deltas_bgpsec_add(&deltas->bgpsec.removes, &delta);
+ return deltas_rk_add(&deltas->rk.removes, &delta);
}
pr_crit("Unknown delta operation: %d", op);
&& (deltas->v4.removes.len == 0)
&& (deltas->v6.adds.len == 0)
&& (deltas->v6.removes.len == 0)
- && (deltas->bgpsec.adds.len == 0)
- && (deltas->bgpsec.removes.len == 0);
+ && (deltas->rk.adds.len == 0)
+ && (deltas->rk.removes.len == 0);
}
static int
}
static int
-__foreach_bgpsec(struct deltas_bgpsec *array, delta_bgpsec_foreach_cb cb,
+__foreach_rk(struct deltas_rk *array, delta_router_key_foreach_cb cb,
void *arg, serial_t serial, uint8_t flags)
{
- struct delta_bgpsec delta;
- struct delta_bsec *d;
+ struct delta_router_key delta;
+ struct delta_rk *d;
array_index i;
int error;
ARRAYLIST_FOREACH(array, d, i) {
delta.router_key.as = d->as;
- delta.router_key.sk = d->sk;
- sk_info_refget(d->sk);
+ memcpy(delta.router_key.ski, d->ski, RK_SKI_LEN);
+ memcpy(delta.router_key.spk, d->spk, RK_SPKI_LEN);
error = cb(&delta, arg);
- sk_info_refput(d->sk);
if (error)
return error;
}
int
deltas_foreach(serial_t serial, struct deltas *deltas,
- delta_vrp_foreach_cb cb_vrp, delta_bgpsec_foreach_cb cb_bgpsec, void *arg)
+ delta_vrp_foreach_cb cb_vrp, delta_router_key_foreach_cb cb_rk, void *arg)
{
int error;
if (error)
return error;
- error = __foreach_bgpsec(&deltas->bgpsec.adds, cb_bgpsec, arg, serial,
+ error = __foreach_rk(&deltas->rk.adds, cb_rk, arg, serial,
FLAG_ANNOUNCEMENT);
if (error)
return error;
- return __foreach_bgpsec(&deltas->bgpsec.removes, cb_bgpsec, arg, serial,
+ return __foreach_rk(&deltas->rk.removes, cb_rk, arg, serial,
FLAG_WITHDRAWAL);
}
int deltas_add_roa_v4(struct deltas *, uint32_t, struct v4_address *, int);
int deltas_add_roa_v6(struct deltas *, uint32_t, struct v6_address *, int);
-int deltas_add_bgpsec(struct deltas *, struct router_key *, int);
+int deltas_add_router_key(struct deltas *, struct router_key *, int);
bool deltas_is_empty(struct deltas *);
int deltas_foreach(serial_t, struct deltas *, delta_vrp_foreach_cb,
- delta_bgpsec_foreach_cb, void *);
+ delta_router_key_foreach_cb, void *);
#endif /* SRC_DELTA_H_ */
uint8_t flags;
};
-struct delta_bgpsec {
+struct delta_router_key {
serial_t serial;
struct router_key router_key;
uint8_t flags;
typedef int (*router_key_foreach_cb)(struct router_key const *, void *);
typedef int (*delta_vrp_foreach_cb)(struct delta_vrp const *, void *);
-typedef int (*delta_bgpsec_foreach_cb)(struct delta_bgpsec const *, void *);
+typedef int (*delta_router_key_foreach_cb)(struct delta_router_key const *,
+ void *);
#endif /* SRC_RTR_DB_VRP_H_ */
SLIST_ENTRY(vrp_node) next;
};
-struct bgpsec_node {
- struct delta_bgpsec delta;
- SLIST_ENTRY(bgpsec_node) next;
+struct rk_node {
+ struct delta_router_key delta;
+ SLIST_ENTRY(rk_node) next;
};
/** Sorted list to filter deltas */
SLIST_HEAD(vrp_slist, vrp_node);
-SLIST_HEAD(bgpsec_slist, bgpsec_node);
+SLIST_HEAD(rk_slist, rk_node);
struct sorted_lists {
struct vrp_slist prefixes;
- struct bgpsec_slist bgpsec;
+ struct rk_slist router_keys;
};
struct state {
}
int
-__handle_bgpsec(unsigned char const *ski, uint32_t as, unsigned char const *spk,
- void *arg)
+__handle_router_key(unsigned char const *ski, uint32_t as,
+ unsigned char const *spk, void *arg)
{
return rtrhandler_handle_router_key(arg, ski, as, spk);
}
validation_handler.handle_roa_v4 = __handle_roa_v4;
validation_handler.handle_roa_v6 = __handle_roa_v6;
- validation_handler.handle_bgpsec = __handle_bgpsec;
+ validation_handler.handle_router_key = __handle_router_key;
validation_handler.arg = db;
error = perform_standalone_validation(&validation_handler);
}
static int
-bgpsec_ovrd_remove(struct delta_bgpsec const *delta, void *arg)
+router_key_ovrd_remove(struct delta_router_key const *delta, void *arg)
{
struct sorted_lists *lists = arg;
- struct bgpsec_node *ptr;
- struct bgpsec_slist *filtered_bgpsec;
+ struct rk_node *ptr;
+ struct rk_slist *filtered_keys;
struct router_key const *key;
- filtered_bgpsec = &lists->bgpsec;
- SLIST_FOREACH(ptr, filtered_bgpsec, next) {
+ filtered_keys = &lists->router_keys;
+ SLIST_FOREACH(ptr, filtered_keys, next) {
key = &delta->router_key;
if (key->as == ptr->delta.router_key.as &&
- memcmp(sk_info_get_ski(key->sk),
- sk_info_get_ski(ptr->delta.router_key.sk), RK_SKI_LEN) &&
- memcmp(sk_info_get_spk(key->sk),
- sk_info_get_spk(ptr->delta.router_key.sk), RK_SPKI_LEN) &&
+ memcmp(key->ski, ptr->delta.router_key.ski, RK_SKI_LEN) &&
+ memcmp(key->spk, ptr->delta.router_key.spk, RK_SPKI_LEN) &&
delta->flags != ptr->delta.flags) {
- SLIST_REMOVE(filtered_bgpsec, ptr, bgpsec_node, next);
+ SLIST_REMOVE(filtered_keys, ptr, rk_node, next);
free(ptr);
return 0;
}
}
- ptr = malloc(sizeof(struct bgpsec_node));
+ ptr = malloc(sizeof(struct rk_node));
if (ptr == NULL)
return pr_enomem();
ptr->delta = *delta;
- SLIST_INSERT_HEAD(filtered_bgpsec, ptr, next);
+ SLIST_INSERT_HEAD(filtered_keys, ptr, next);
return 0;
}
*/
int
vrps_foreach_filtered_delta(struct deltas_db *deltas,
- delta_vrp_foreach_cb cb_prefix, delta_bgpsec_foreach_cb cb_bgpsec,
+ delta_vrp_foreach_cb cb_prefix, delta_router_key_foreach_cb cb_rk,
void *arg)
{
struct sorted_lists filtered_lists;
struct delta_group *group;
struct vrp_node *vnode;
- struct bgpsec_node *bnode;
+ struct rk_node *rnode;
array_index i;
int error = 0;
* are immutable.)
*/
SLIST_INIT(&filtered_lists.prefixes);
- SLIST_INIT(&filtered_lists.bgpsec);
+ SLIST_INIT(&filtered_lists.router_keys);
ARRAYLIST_FOREACH(deltas, group, i) {
error = deltas_foreach(group->serial, group->deltas,
- vrp_ovrd_remove, bgpsec_ovrd_remove, &filtered_lists);
+ vrp_ovrd_remove, router_key_ovrd_remove, &filtered_lists);
if (error)
goto release_list;
}
if (error)
break;
}
- SLIST_FOREACH(bnode, &filtered_lists.bgpsec, next) {
- error = cb_bgpsec(&bnode->delta, arg);
+ SLIST_FOREACH(rnode, &filtered_lists.router_keys, next) {
+ error = cb_rk(&rnode->delta, arg);
if (error)
break;
}
SLIST_REMOVE_HEAD(&filtered_lists.prefixes, next);
free(vnode);
}
- while (!SLIST_EMPTY(&filtered_lists.bgpsec)) {
- bnode = filtered_lists.bgpsec.slh_first;
- SLIST_REMOVE_HEAD(&filtered_lists.bgpsec, next);
- free(bnode);
+ while (!SLIST_EMPTY(&filtered_lists.router_keys)) {
+ rnode = filtered_lists.router_keys.slh_first;
+ SLIST_REMOVE_HEAD(&filtered_lists.router_keys, next);
+ free(rnode);
}
return error;
int get_last_serial_number(serial_t *);
int vrps_foreach_filtered_delta(struct deltas_db *, delta_vrp_foreach_cb,
- delta_bgpsec_foreach_cb, void *);
+ delta_router_key_foreach_cb, void *);
uint16_t get_current_session_id(uint8_t);
#include <netinet/in.h>
#include "common.h"
+#include "object/router_key.h"
#include "rtr/primitive_reader.h"
#define RTR_V0 0
#define RTRPDU_END_OF_DATA_V0_LEN 12
#define RTRPDU_END_OF_DATA_V1_LEN 24
#define RTRPDU_CACHE_RESET_LEN 8
+#define RTRPDU_ROUTER_KEY_LEN 123
/* Ignores Error Report PDUs, which is fine. */
#define RTRPDU_MAX_LEN RTRPDU_IPV6_PREFIX_LEN
+#define RTRPDU_ERR_MAX_LEN 256
struct pdu_header {
uint8_t protocol_version;
struct router_key_pdu {
struct pdu_header header;
- unsigned char *ski;
+ unsigned char ski[RK_SKI_LEN];
size_t ski_len;
uint32_t asn;
- unsigned char *spki;
+ unsigned char spki[RK_SPKI_LEN];
size_t spki_len;
};
struct error_report_pdu {
struct pdu_header header;
uint32_t error_pdu_length;
- unsigned char erroneous_pdu[RTRPDU_MAX_LEN];
+ unsigned char erroneous_pdu[RTRPDU_ERR_MAX_LEN];
uint32_t error_message_length;
rtr_char *error_message;
};
struct router_key const *router_key, uint8_t flags)
{
struct router_key_pdu pdu;
- unsigned char *data;
+ unsigned char data[RTRPDU_ROUTER_KEY_LEN];
size_t len;
uint16_t reserved;
- int error;
/* Sanity check: this can't be sent on RTRv0 */
if (version == RTR_V0)
/* Set the flags at the first 8 bits of reserved field */
reserved += (flags << 8);
set_header_values(&pdu.header, version, PDU_TYPE_ROUTER_KEY, reserved);
+ pdu.header.length = RTRPDU_ROUTER_KEY_LEN;
- pdu.ski = sk_info_get_ski(router_key->sk);
+ memcpy(pdu.ski, router_key->ski, RK_SKI_LEN);
pdu.ski_len = RK_SKI_LEN;
pdu.asn = router_key->as;
- pdu.spki = sk_info_get_spk(router_key->sk);
+ memcpy(pdu.spki, router_key->spk, RK_SPKI_LEN);
pdu.spki_len = RK_SPKI_LEN;
- pdu.header.length = RTRPDU_HDR_LEN
- + RK_SKI_LEN
- + sizeof(router_key->as)
- + RK_SPKI_LEN;
- sk_info_refget(router_key->sk);
-
- data = malloc(pdu.header.length);
- if (data == NULL) {
- error = pr_enomem();
- goto release_sk;
- }
len = serialize_router_key_pdu(&pdu, data);
- if (len != pdu.header.length) {
- sk_info_refput(router_key->sk);
- free(data);
+ if (len != RTRPDU_ROUTER_KEY_LEN)
pr_crit("Serialized Router Key PDU is %zu bytes, not the expected %u.",
len, pdu.header.length);
- }
-
- error = send_response(fd, data, len);
- free(data);
-release_sk:
- sk_info_refput(router_key->sk);
- return error;
+ return send_response(fd, data, len);
}
struct simple_param {
}
static int
-router_key_simply_send(struct delta_bgpsec const *delta, void *arg)
+router_key_simply_send(struct delta_router_key const *delta, void *arg)
{
struct simple_param *param = arg;
if ((left->data_flag & SLURM_COM_FLAG_ASN) > 0)
equal = equal && VRP_ASN_EQ(left_vrp, right_vrp);
- if ((left->data_flag & SLURM_PFX_FLAG_PREFIX) > 0)
+ if (equal && (left->data_flag & SLURM_PFX_FLAG_PREFIX) > 0)
equal = equal && VRP_PREFIX_EQ(left_vrp, right_vrp);
- if ((left->data_flag & SLURM_PFX_FLAG_MAX_LENGTH) > 0)
+ if (equal && (left->data_flag & SLURM_PFX_FLAG_MAX_LENGTH) > 0)
equal = equal &&
((left->data_flag & SLURM_PFX_FLAG_MAX_LENGTH) > 0) &&
VRP_MAX_PREFIX_LEN_EQ(left_vrp, right_vrp);
if ((left->data_flag & SLURM_COM_FLAG_ASN) > 0)
equal = equal && left->asn == right->asn;
- if ((left->data_flag & SLURM_BGPS_FLAG_SKI) > 0)
+ if (equal && (left->data_flag & SLURM_BGPS_FLAG_SKI) > 0)
equal = equal &&
memcmp(left->ski, right->ski, RK_SKI_LEN) == 0;
- if ((left->data_flag & SLURM_BGPS_FLAG_ROUTER_KEY) > 0)
+ if (equal && (left->data_flag & SLURM_BGPS_FLAG_ROUTER_KEY) > 0)
equal = equal &&
memcmp(left->router_public_key, right->router_public_key,
RK_SPKI_LEN) == 0;
slurm_db_bgpsec_is_filtered(struct router_key const *key)
{
struct slurm_bgpsec slurm_bgpsec;
+ unsigned char *tmp;
+ bool result;
- sk_info_refget(key->sk);
- slurm_bgpsec.data_flag = SLURM_COM_FLAG_ASN | SLURM_BGPS_FLAG_SKI
- | SLURM_BGPS_FLAG_ROUTER_KEY;
- slurm_bgpsec.ski = sk_info_get_ski(key->sk);
- slurm_bgpsec.router_public_key = sk_info_get_spk(key->sk);
+ tmp = malloc(RK_SKI_LEN);
+ if (tmp == NULL) {
+ pr_enomem();
+ return false;
+ }
+ slurm_bgpsec.data_flag = SLURM_COM_FLAG_ASN | SLURM_BGPS_FLAG_SKI;
+ memcpy(tmp, key->ski, RK_SKI_LEN);
+ slurm_bgpsec.ski = tmp;
+ /* Router public key isn't used at filters */
+ slurm_bgpsec.router_public_key = NULL;
slurm_bgpsec.comment = NULL;
- sk_info_refput(key->sk);
- return bgpsec_filter_exists(&slurm_bgpsec);
+ result = bgpsec_filter_exists(&slurm_bgpsec);
+ free(tmp);
+ return result;
}
int
json_array_foreach(array, index, element) {
error = load_single_bgpsec(element, is_assertion);
- if (error) {
- if (error == -EEXIST)
- pr_err(
- "The bgpsec %s element #%d, is duplicated or covered by another %s; SLURM loading will be stopped",
- (is_assertion ? "assertion" : "filter"),
- index + 1,
- (is_assertion ? "assertion" : "filter"));
- else
- pr_err(
- "Error at bgpsec %s, element #%d, SLURM loading will be stopped",
- (is_assertion ? "assertions" : "filters"),
- index + 1);
+ if (!error)
+ break;
+ if (error == -EEXIST)
+ pr_err(
+ "The bgpsec %s element #%d, is duplicated or covered by another %s; SLURM loading will be stopped",
+ (is_assertion ? "assertion" : "filter"),
+ index + 1,
+ (is_assertion ? "assertion" : "filter"));
+ else
+ pr_err(
+ "Error at bgpsec %s, element #%d, SLURM loading will be stopped",
+ (is_assertion ? "assertions" : "filters"),
+ index + 1);
- return error;
- }
+ return error;
}
return 0;
}
int
-vhandler_handle_bgpsec(unsigned char const *ski, uint32_t as,
+vhandler_handle_router_key(unsigned char const *ski, uint32_t as,
unsigned char const *spk)
{
struct validation_handler const *handler;
if (error)
return error;
- return (handler->handle_bgpsec != NULL)
- ? handler->handle_bgpsec(ski, as, spk, handler->arg)
+ return (handler->handle_router_key != NULL)
+ ? handler->handle_router_key(ski, as, spk, handler->arg)
: 0;
}
int (*handle_roa_v6)(uint32_t, struct ipv6_prefix const *, uint8_t,
void *);
/** Called every time Fort has successfully validated a BGPsec cert */
- int (*handle_bgpsec)(unsigned char const *, uint32_t,
+ int (*handle_router_key)(unsigned char const *, uint32_t,
unsigned char const *, void *);
/** Generic user-defined argument for the functions above. */
void *arg;
int vhandler_handle_roa_v4(uint32_t, struct ipv4_prefix const *, uint8_t);
int vhandler_handle_roa_v6(uint32_t, struct ipv6_prefix const *, uint8_t);
-int vhandler_handle_bgpsec(unsigned char const *, uint32_t,
+int vhandler_handle_router_key(unsigned char const *, uint32_t,
unsigned char const *);
#endif /* SRC_VALIDATION_HANDLER_H_ */
}
static int
-delta_rk_check(struct delta_bgpsec const *delta, void *arg)
+delta_rk_check(struct delta_router_key const *delta, void *arg)
{
/* FIXME (now) add index with Router key examples */
return 0;
}
static int
-rk_add(struct delta_bgpsec const *delta, void *arg)
+rk_add(struct delta_router_key const *delta, void *arg)
{
struct deltas *deltas = arg;
struct router_key key;
key = delta->router_key;
- deltas_add_bgpsec(deltas, &key, delta->flags);
+ deltas_add_router_key(deltas, &key, delta->flags);
return 0;
}
}
static int
-handle_delta_bgpsec(struct delta_bgpsec const *delta, void *arg)
+handle_delta_router_key(struct delta_router_key const *delta, void *arg)
{
int *fd = arg;
ck_assert_int_eq(0, send_router_key_pdu(*fd, RTR_V0, &delta->router_key,
ARRAYLIST_FOREACH(deltas, group, i)
ck_assert_int_eq(0, deltas_foreach(group->serial, group->deltas,
- handle_delta, handle_delta_bgpsec, &fd));
+ handle_delta, handle_delta_router_key, &fd));
return 0;
}
projects / thirdparty / FORT-validator.git / commitdiff
