charon-tkm: Return cloned host from tkm_kernel_sad_t::get_dst_host()
authorTobias Brunner <tobias@strongswan.org>
Wed, 7 Jun 2017 13:46:26 +0000 (15:46 +0200)
committerTobias Brunner <tobias@strongswan.org>
Wed, 14 Jun 2017 07:57:09 +0000 (09:57 +0200)
When an expire is triggered while rekeying, the CHILD_SA might be deleted
while the returned host is still used to queue a rekey job for the CHILD_SA.

src/charon-tkm/src/ees/ees_callbacks.c
src/charon-tkm/src/tkm/tkm_kernel_sad.c
src/charon-tkm/src/tkm/tkm_kernel_sad.h

index f4107d9..a36629b 100644 (file)
@@ -47,4 +47,5 @@ void charon_esa_expire(result_type *res, const sp_id_type sp_id,
        DBG1(DBG_KNL, "ees: expire received for reqid %u, spi %x, dst %H", sp_id,
                 ntohl(spi_rem), dst);
        charon->kernel->expire(charon->kernel, protocol, spi_rem, dst, hard != 0);
+       dst->destroy(dst);
 }
index 97226f1..c888f25 100644 (file)
@@ -283,7 +283,7 @@ METHOD(tkm_kernel_sad_t, get_dst_host, host_t *,
                                                                                        (void**)&entry, &reqid, &spi, &proto);
        if (res && entry)
        {
-               dst = entry->dst;
+               dst = entry->dst->clone(entry->dst);
                DBG3(DBG_KNL, "returning destination host %H of SAD entry (reqid: %u,"
                         " spi: %x, proto: %u)", dst, reqid, ntohl(spi), proto);
        }
index ba64621..63d02b7 100644 (file)
@@ -79,7 +79,8 @@ struct tkm_kernel_sad_t {
         * @param reqid                 reqid of CHILD SA
         * @param spi                   Remote SPI of CHILD SA
         * @param proto                 protocol of CHILD SA (ESP/AH)
-        * @return                              destination host of entry if found, NULL otherwise
+        * @return                              destination host of entry if found (cloned),
+        *                                              NULL otherwise
         */
        host_t * (*get_dst_host)(tkm_kernel_sad_t * const this,
                          const uint32_t reqid, const uint32_t spi, const uint8_t proto);