diff options
| author |   renato <renato@openbsd.org> | 2016-06-06 15:30:59 +0000 |
|---|---|---|
| committer | renato <renato@openbsd.org> | 2016-06-06 15:30:59 +0000 |
| commit | 07f785101710f80472d425bb964bb9d3f1c4b356 (patch) | |
| tree | a5c51bccd25b4a50a48f4af0d93e45c00b4cd8a4 | |
| parent | Remove the section about generating DSA keys for webservers etc from the ssl(8) (diff) | |
| download | wireguard-openbsd-07f785101710f80472d425bb964bb9d3f1c4b356.tar.xz wireguard-openbsd-07f785101710f80472d425bb964bb9d3f1c4b356.zip | |
Speed up session establishment after config reload.
If we change a neighbor's password or the global transport-address,
cancel the affected pending connects and, when playing the active role
of the session establishment process, try to connect again right away
with the new password and/or transport-address.
Without this patch we have to wait for the timeout of the pending
connects, which might be a lot of time.
| -rw-r--r-- | usr.sbin/ldpd/ldpd.c | 11 | ||||
| -rw-r--r-- | usr.sbin/ldpd/packet.c | 28 |
2 files changed, 28 insertions, 11 deletions
diff --git a/usr.sbin/ldpd/ldpd.c b/usr.sbin/ldpd/ldpd.c index e1b3ab4e5af..48b8f9627a1 100644 --- a/usr.sbin/ldpd/ldpd.c +++ b/usr.sbin/ldpd/ldpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ldpd.c,v 1.48 2016/05/23 19:16:00 renato Exp $ */ +/* $OpenBSD: ldpd.c,v 1.49 2016/06/06 15:30:59 renato Exp $ */ /* * Copyright (c) 2013, 2016 Renato Westphal <renato@openbsd.org> @@ -860,12 +860,13 @@ merge_af(int af, struct ldpd_af_conf *af_conf, struct ldpd_af_conf *xa) continue; session_shutdown(nbr, S_SHUTDOWN, 0, 0); - pfkey_remove(nbr); nbr->laddr = af_conf->trans_addr; nbrp = nbr_params_find(leconf, nbr->id); if (nbrp && pfkey_establish(nbr, nbrp) == -1) fatalx("pfkey setup failed"); + if (nbr_session_active_role(nbr)) + nbr_establish_connection(nbr); } } } @@ -974,6 +975,8 @@ merge_nbrps(struct ldpd_conf *conf, struct ldpd_conf *xconf) if (nbr) { session_shutdown(nbr, S_SHUTDOWN, 0, 0); pfkey_remove(nbr); + if (nbr_session_active_role(nbr)) + nbr_establish_connection(nbr); } } LIST_REMOVE(nbrp, entry); @@ -992,6 +995,8 @@ merge_nbrps(struct ldpd_conf *conf, struct ldpd_conf *xconf) session_shutdown(nbr, S_SHUTDOWN, 0, 0); if (pfkey_establish(nbr, xn) == -1) fatalx("pfkey setup failed"); + if (nbr_session_active_role(nbr)) + nbr_establish_connection(nbr); } } continue; @@ -1019,6 +1024,8 @@ merge_nbrps(struct ldpd_conf *conf, struct ldpd_conf *xconf) pfkey_remove(nbr); if (pfkey_establish(nbr, nbrp) == -1) fatalx("pfkey setup failed"); + if (nbr_session_active_role(nbr)) + nbr_establish_connection(nbr); } } LIST_REMOVE(xn, entry); diff --git a/usr.sbin/ldpd/packet.c b/usr.sbin/ldpd/packet.c index 95efc55f774..e4b672db8f2 100644 --- a/usr.sbin/ldpd/packet.c +++ b/usr.sbin/ldpd/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.58 2016/05/23 19:14:03 renato Exp $ */ +/* $OpenBSD: packet.c,v 1.59 2016/06/06 15:30:59 renato Exp $ */ /* * Copyright (c) 2013, 2016 Renato Westphal <renato@openbsd.org> @@ -619,17 +619,27 @@ void session_shutdown(struct nbr *nbr, uint32_t status, uint32_t msgid, uint32_t type) { - if (nbr->tcp == NULL) - return; - - log_debug("%s: lsr-id %s", __func__, inet_ntoa(nbr->id)); + switch (nbr->state) { + case NBR_STA_PRESENT: + if (nbr_pending_connect(nbr)) + event_del(&nbr->ev_connect); + break; + case NBR_STA_INITIAL: + case NBR_STA_OPENREC: + case NBR_STA_OPENSENT: + case NBR_STA_OPER: + log_debug("%s: lsr-id %s", __func__, inet_ntoa(nbr->id)); - send_notification_nbr(nbr, status, msgid, type); + send_notification_nbr(nbr, status, msgid, type); - /* try to flush write buffer, if it fails tough shit */ - msgbuf_write(&nbr->tcp->wbuf.wbuf); + /* try to flush write buffer, if it fails tough shit */ + msgbuf_write(&nbr->tcp->wbuf.wbuf); - nbr_fsm(nbr, NBR_EVT_CLOSE_SESSION); + nbr_fsm(nbr, NBR_EVT_CLOSE_SESSION); + break; + default: + fatalx("session_shutdown: unknown neighbor state"); + } } void |