[Swan-dev] Leaks when killing states during crypto; time to drop WIRE_*?

Paul Wouters paul at nohats.ca
Tue Dec 5 16:01:45 UTC 2017

On Tue, 5 Dec 2017, Andrew Cagney wrote:

> But then along came NSS.
> The problem with NSS is that, unlike chunks, it really isn't amenable
> to being serialized (yes it can technically be done).  Instead, crypto
> material is locked up in PK11SymKeys and tracked using pointers and
> reference counts.  Instead of serialized chunks, the references are
> sent to/from the workers.  Quickly, the idea spread (it was, after
> all, much easier than trying to understand all the WIRE stuff and
> seemed to work), instead of wire chunks, normal chunks (aka plain
> pointers) started being passed to/from workers as well.

To be fair, the code had to work with and without NSS via a define in
openswan, so the whole thing was not simple replacement. libreswan
removed the non-NSS version which means we can cleanup a lot now
and focus on one approach only.

> So here's my solution:
> Accept that pointers are being passed and make it work:
> - try to apply the dogma that state and workers share no pointers
> (currently MD violates this) so there is no question as to who is
> responsible for releasing stuff
> - handle cleaning up after an abort with a separate callback, and run
> this from the main thread
> - in the case of IKEv2 DH replies, at least, delete the wire stuff as
> it is just adding to the general confusion

I'd like to make these changes after we relese 3.23. Or rather since we
are working on a release branch now, I wouldn't pull this into the
planned 3.23 release.


More information about the Swan-dev mailing list