[Swan-commit] Changes to ref refs/heads/master
Andrew Cagney
cagney at vault.libreswan.fi
Wed Dec 13 18:22:26 UTC 2017
New commits:
commit c74c60162bc9648658ab48b6d53bee458603610e
Author: Andrew Cagney <cagney at gnu.org>
Date: Tue Dec 12 14:46:16 2017 -0500
crypt: don't share DH secret between main and crypto helper threads
Instead transfer it back and forth between the state and helper
objects so that, at any point, there is only one owner. Blame IKEv1
for this added complexity in the comments; pure IKEv2 can simply send
and forget.
Fixes a use-after-free where the main thread deletes the DH secret
while the crypto helper is still trying to to use it.
Does not fix a leak of the DH secret where the crypto helper either
gets cancelled or finds its state was deleted.
More information about the Swan-commit
mailing list