[Swan-commit] Changes to ref refs/heads/master
cagney at vault.libreswan.fi
Wed Dec 13 15:20:40 UTC 2017
Author: Andrew Cagney <cagney at gnu.org>
Date: Wed Dec 13 10:00:48 2017 -0500
crypto: merge IKEv1 struct pcr_skeyid_r and pcr_skeyid_q into struct pcr_dh_v1
So that any pointers passed into the crypto helper (namely the
secret) are still available when the helper finishes (or the
task is aborted).
The old code would overwrite the pointers, possibly leaking them.
Arguably, there should be two structures: one for simple IKEv1 DH
(phase 2, what ever that is); and one for IKEv1 DH+IV (phase 1,
again what ever that is). Unfortunately, the above are passed
everywhere making that change very messy.
More information about the Swan-commit