diff options
| author |   markus <markus@openbsd.org> | 2014-05-06 09:48:40 +0000 |
|---|---|---|
| committer | markus <markus@openbsd.org> | 2014-05-06 09:48:40 +0000 |
| commit | 4697d2e3bd014797ed8b327306077d52897f4db3 (patch) | |
| tree | 0dedc41d7b5a24583a49325d7a9ed95d81d7fa5e /lib | |
| parent | Plug two xfer leaks and a buffer one. (diff) | |
| download | wireguard-openbsd-4697d2e3bd014797ed8b327306077d52897f4db3.tar.xz wireguard-openbsd-4697d2e3bd014797ed8b327306077d52897f4db3.zip | |
cleanup IKE-SA tree handling (fixes repeated-insert & double-remove)
sa_new() always re-inserts an SA into the SA tree. in case of a key
collision it would try to free the new SA. While doing that it would
accidentially free the existing SA, since config_free_sa() does
RB_REMOVE() uncoditionally. This change fixes this by:
a) moving the responsibility for RB_REMOVE() to CALLER of config_free_sa() and
b) by calling config_free_sa() instead of sa_free() from sa_new()
It also changes to code to NEVER re-add an SA to the tree. So
RB_INSERT() is ONLY called once per SA. The code also makes sure
that there is always a KEY defined for this tree (ispi).
ok mikeb@
Diffstat (limited to 'lib')
0 files changed, 0 insertions, 0 deletions