Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: V3.7.2.0
-
Component/s: None
-
Labels:None
-
Account:SPC EthernetIp Core (SPCETHERNET)
Description
This is a minor deviation from the specification, due to our current software design.
We will keep this as a known issue of V3.7.1.0 and will solve it for a future release.
ApplyConfig currently leads to the following actions in the firmware:
- Security Config is taken over into object dictionary and is remanently stored
- Optionally, if requested by service: All connections are dropped and the new security config is loaded from object dictionary & applied at mbedtls
- Optionally, if requested by service: The cleanup service of the security object(s) is called
If option "drop connections" is not set, we currently keep running with the old configuration until a reset of the object. Instead, we are supposed to apply on-the-fly, keep the open secure connections running (or close them, dpending on the flag) and be available for new connections right away, without a reset.
Apparently, this has been done because of an issue with the PolicyManager (which expects a reply within 3 seconds which we would miss otherwise), and because there is no proper synchronization with the TLS/TCP layer (PSEIP-124). Also we are currently not able to have connections with multiple different security configurations.
Attachments
Issue Links
- is cloned by
-
-
- Closed
-