[Swan-dev] shunk_t vs chunk_t
Andrew Cagney
andrew.cagney at gmail.com
Tue Mar 2 02:10:48 UTC 2021
I've pushed the below. It was a side effect of fixing a memory leak.
The cast is gone.
diff --git a/programs/pluto/security_selinux.h
b/programs/pluto/security_selinux.h
index 6f88f62c48..b8ef6120d4 100644
--- a/programs/pluto/security_selinux.h
+++ b/programs/pluto/security_selinux.h
@@ -27,13 +27,14 @@
#include <selinux/context.h>
#endif
+#include "shunk.h"
#include "chunk.h"
struct logger;
void init_selinux(struct logger *logger);
-bool se_label_match(const chunk_t *a, const chunk_t *b, struct logger *logger);
+bool se_label_match(shunk_t a, chunk_t b, struct logger *logger);
#endif /* HAVE_LABELED_IPSEC */
On Mon, 1 Mar 2021 at 14:58, Andrew Cagney <andrew.cagney at gmail.com> wrote:
>
> You do realize that sec_label is guaranteed to be NUL terminated and,
> hence, the below grotesk hack isn't needed?
>
> >
> > Here are the four calls to se_label match. Together there are eight
> > chunk_t * parameters, each for a security label. In only one case is
> > the parameter cast to chunk_t *.
> >
> > programs/pluto/connections.c:2480: && se_label_match(&sec_label, &sr->this.sec_label, logger)
> > programs/pluto/ikev1_spdb_struct.c:114: if (!se_label_match((chunk_t *)&sec_label, &c->spd.this.sec_label, st->st_logger)) {
> > programs/pluto/ikev2_ts.c:887: if (!se_label_match(&cur_i->sec_label, &d->spd.this.sec_label, logger)) {
> > programs/pluto/ikev2_ts.c:903: } else if (se_label_match(&ends->r->sec_label, &d->spd.this.sec_label, logger)) {
> >
> > | - the sec label provided by the acquire is NUL terminated byte stream
> > | (note, not string) (I hacked IKEv1 to enforce this, somewhere I've a
> > | patch for IKEv2)
> >
> > Please do fix the IKEv2 case. Right now there is code that
> > carelessly enforces the rule partially. For example, in two places
> > in score_ends_seclabel().
> >
> > | - since the sec_label bubbling up from the acquire points into a
> > | readonly-ish stack structure it's arguable that it should be a shunk_t
> >
> > I would think so.
> >
> > | where things break down is with IKEv2's struct traffic_selector (IKEv1
> > | very clearly clones the sec_label into struct state).
> > |
> > | My hunch is that IKEv2's struct traffic_selector should be a shunk_t.
> > | It starts out pointing into the pbs_in structure but then, when
> > | selected and saved, is cloned and stored in the same fields as for
> > | IKEv1 with lots of pointers updated.
> >
> > Is the only magic in freeing the shunk? Maybe we need a
> > free_shunk_content() where this magic is contained.
> > _______________________________________________
> > Swan-dev mailing list
> > Swan-dev at lists.libreswan.org
> > https://lists.libreswan.org/mailman/listinfo/swan-dev
More information about the Swan-dev
mailing list