From: Theo Buehler <tb@theobuehler.org>
Subject: Re: bgpd: deconfigure md5 key after config was fully reloaded
To: tech@openbsd.org
Date: Wed, 4 Sep 2024 15:25:20 +0200

On Wed, Sep 04, 2024 at 02:42:57PM +0200, Claudio Jeker wrote:
> Right now we call pfkey_remove() in merge_peers() in the parent process
> before sending the config over to the session engine. The result is that
> the NOTIFICATION sent by the session engine is no longer md5 signed.
> 
> Instead delay deallocation of peers in the config until the session engine
> sent the IMSG_RECONF_DONE message. By that time old sessions have been
> shut down and any pending notification should have made it out.
> 
> See also https://github.com/openbgpd-portable/openbgpd-portable/issues/82

This all makes sense and reads fine.

ok tb