From 98d1aed973c7a9f232bbae019d1c6b87c175d1ed Mon Sep 17 00:00:00 2001 From: Rongli Sun Date: Tue, 3 Sep 2024 05:02:51 +0800 Subject: [PATCH] [border-agent] apply pskc if changed (#10641) This commit applies new pskc into secure transport when it's changed via active/pending dataset, without impacting existing secure session if any or ephemeralkey mode if it's activated --- src/core/meshcop/border_agent.cpp | 38 ++++++++++++++++++++++++------- 1 file changed, 30 insertions(+), 8 deletions(-) diff --git a/src/core/meshcop/border_agent.cpp b/src/core/meshcop/border_agent.cpp index 6c67c6a5b71..3a61a0ea9ad 100644 --- a/src/core/meshcop/border_agent.cpp +++ b/src/core/meshcop/border_agent.cpp @@ -308,19 +308,41 @@ Error BorderAgent::SetId(const Id &aId) void BorderAgent::HandleNotifierEvents(Events aEvents) { - VerifyOrExit(aEvents.ContainsAny(kEventThreadRoleChanged | kEventCommissionerStateChanged)); - + if ((aEvents.ContainsAny(kEventThreadRoleChanged | kEventCommissionerStateChanged))) + { #if OPENTHREAD_CONFIG_COMMISSIONER_ENABLE && OPENTHREAD_FTD - VerifyOrExit(Get().IsDisabled()); + VerifyOrExit(Get().IsDisabled()); #endif - if (Get().IsAttached()) - { - Start(); + if (Get().IsAttached()) + { + Start(); + } + else + { + Stop(); + } } - else + + if (aEvents.ContainsAny(kEventPskcChanged)) { - Stop(); + VerifyOrExit(mState != kStateStopped); + +#if OPENTHREAD_CONFIG_BORDER_AGENT_EPHEMERAL_KEY_ENABLE + // No-op if Ephemeralkey mode is activated, new pskc will be applied + // when Ephemeralkey mode is deactivated. + VerifyOrExit(!mUsingEphemeralKey); +#endif + + { + Pskc pskc; + Get().GetPskc(pskc); + + // If there is secure session already established, it won't be impacted, + // new pskc will be applied for next connection. + SuccessOrExit(Get().SetPsk(pskc.m8, Pskc::kSize)); + pskc.Clear(); + } } exit: