Clean up old PSK id when changing id for existing endpoint
Signed-off-by: Ville Skyttä <ville.skytta@iki.fi>
scop authored and sbernard31 committed Apr 25, 2017
1 parent 00db6ec commit 349a292
Showing 3 changed files with 29 additions and 1 deletion.
Expand Up @@ -223,6 +223,24 @@ public void nonunique_psk_identity() throws NonUniqueSecurityInfoException {
}
}

@Test
public void change_psk_identity_cleanup() throws NonUniqueSecurityInfoException {
helper.createServer();
helper.server.start();

EditableSecurityStore ess = helper.getSecurityStore();

ess.add(SecurityInfo.newPreSharedKeyInfo(GOOD_ENDPOINT, BAD_PSK_ID, BAD_PSK_KEY));
// Change PSK id for endpoint
ess.add(SecurityInfo.newPreSharedKeyInfo(GOOD_ENDPOINT, GOOD_PSK_ID, GOOD_PSK_KEY));
// Original/old PSK id should not be reserved any more
try {
ess.add(SecurityInfo.newPreSharedKeyInfo(BAD_ENDPOINT, BAD_PSK_ID, BAD_PSK_KEY));
} catch (NonUniqueSecurityInfoException e) {
fail("PSK identity change for existing endpoint should have cleaned up old PSK identity");
}
}

@Ignore
// TODO implement RPK support for client
@Test
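Review bot: The new test only proves that BAD_PSK_ID can be registered again; it never checks that the old identity stops resolving once GOOD_ENDPOINT has switched to GOOD_PSK_ID, which is the property that matters when a PSK is rotated. Before the third `add`, an assertion such as `assertNull(ess.getByIdentity(BAD_PSK_ID));` would pin that, assuming the store's lookup-by-identity accessor is what the handshake path consults. Since the method already declares `throws NonUniqueSecurityInfoException`, the try/catch around the last `add` with `fail(...)` can be dropped so the exception itself fails the test with its stack trace. The helper appears to hand back a single store implementation, so the Redis change in this commit is presumably not exercised here.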
Expand Up @@ -105,7 +105,13 @@ public SecurityInfo add(SecurityInfo info) throws NonUniqueSecurityInfoException
}
j.hset(PSKID_SEC.getBytes(), info.getIdentity().getBytes(), info.getEndpoint().getBytes());
}
j.set((SEC_EP + info.getEndpoint()).getBytes(), data);

byte[] previousData = j.getSet((SEC_EP + info.getEndpoint()).getBytes(), data);
SecurityInfo previous = previousData == null ? null : deserialize(previousData);
String previousIdentity = previous == null ? null : previous.getIdentity();
if (previousIdentity != null && !previousIdentity.equals(info.getIdentity())) {
j.hdel(PSKID_SEC, previousIdentity);
}
return null;
}
}
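Review bot: The cleanup call `j.hdel(PSKID_SEC, previousIdentity)` uses the String overload, while the index entry is written a few lines above with `PSKID_SEC.getBytes()` and `info.getIdentity().getBytes()`, i.e. in the platform default charset. If the client library encodes String arguments as UTF-8 (Jedis does), a non-ASCII identity on a non-UTF-8 platform would not match and the old PSK identity would stay in the index; `j.hdel(PSKID_SEC.getBytes(), previousIdentity.getBytes());` keeps both sides consistent. The method still ends in `return null;` although `previous` is now available, so `return previous;` would match what the in-memory store returns. add() starts outside the hunk, so whether the hset/getSet/hdel sequence runs inside a transaction cannot be seen from here.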
Expand Up @@ -98,6 +98,10 @@ public SecurityInfo add(SecurityInfo info) throws NonUniqueSecurityInfoException
}

SecurityInfo previous = securityByEp.put(info.getEndpoint(), info);
String previousIdentity = previous == null ? null : previous.getIdentity();
if (previousIdentity != null && !previousIdentity.equals(identity)) {
securityByIdentity.remove(previousIdentity);
}

return previous;
} finally {
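Review bot: The added block in add() has no comment saying why the old index entry must go, and the reason is security-relevant: without the removal, the replaced PSK identity would keep resolving in `securityByIdentity` after the endpoint's credentials change. A one-line comment above the `if`, e.g. `// endpoint changed identity: drop the stale index entry so the old PSK id no longer resolves`, would make that explicit. `identity` is assigned outside the hunk and add() continues past it, so this assumes it holds `info.getIdentity()`.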
