On Tue, 5 Dec 2017, Andrew Cagney wrote:

But then along came NSS.

The problem with NSS is that, unlike chunks, it really isn't amenable
to being serialized (yes it can technically be done).  Instead, crypto
material is locked up in PK11SymKeys and tracked using pointers and
reference counts.  Instead of serialized chunks, the references are
sent to/from the workers.  Quickly, the idea spread (it was, after
all, much easier than trying to understand all the WIRE stuff and
seemed to work), instead of wire chunks, normal chunks (aka plain
pointers) started being passed to/from workers as well.

To be fair, the code had to work with and without NSS via a define in
openswan, so the whole thing was not a simple replacement. libreswan
removed the non-NSS version, which means we can clean up a lot now
and focus on one approach only.

So here's my solution:

Accept that pointers are being passed and make it work:

- try to apply the dogma that state and workers share no pointers
(currently MD violates this) so there is no question as to who is
responsible for releasing stuff
- handle cleaning up after an abort with a separate callback, and run
this from the main thread
- in the case of IKEv2 DH replies, at least, delete the wire stuff as
it is just adding to the general confusion

I'd like to make these changes after we release 3.23. Or rather since we
are working on a release branch now, I wouldn't pull this into the
planned 3.23 release.

Paul
_______________________________________________
Swan-dev mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-dev
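
The ownership rules proposed in the message above (state and worker share no pointers, and abort cleanup is a separate callback run from the main thread), as an added sketch that is not part of the original thread and is not libreswan code. Every name here (`symkey`, `task`, `submit`, `main_finish`) is hypothetical, the reference-counted key only stands in for a PK11SymKey, and the worker is called inline rather than on a real thread.

```c
#include <stdlib.h>
/* Hypothetical stand-in for a reference-counted key such as a PK11SymKey. */
struct symkey { int refs; };
static int live_keys;                 /* allocated keys not yet freed */
static struct symkey *key_new(void) {
    struct symkey *k = malloc(sizeof(*k));
    if (k == NULL) abort();
    k->refs = 1;
    live_keys++;
    return k;
}
static void key_unref(struct symkey **k) {
    if (*k != NULL && --(*k)->refs == 0) { free(*k); live_keys--; }
    *k = NULL;                        /* the caller's pointer is dead either way */
}
/* The task owns every pointer in it; the state keeps no pointer into the task. */
struct task {
    struct symkey *in, *out;          /* own reference to the input; worker's result */
    void (*done)(struct task *, struct symkey **slot);  /* state still exists */
    void (*aborted)(struct task *);                     /* state was deleted */
};
static void on_done(struct task *t, struct symkey **slot) {
    *slot = t->out;                   /* move the result into the state */
    t->out = NULL;
}
static void on_abort(struct task *t) { key_unref(&t->out); }
static struct task *submit(struct symkey *state_key) {
    struct task *t = calloc(1, sizeof(*t));
    if (t == NULL) abort();
    state_key->refs++;                /* the task takes its own reference */
    t->in = state_key;
    t->done = on_done; t->aborted = on_abort;
    return t;
}
static void worker_run(struct task *t) { t->out = key_new(); } /* touches only the task */
/* Main thread only: slot is NULL when the state went away while the task ran. */
static void main_finish(struct task *t, struct symkey **slot) {
    if (slot != NULL) t->done(t, slot); else t->aborted(t);
    key_unref(&t->in);
    free(t);
}

int main(void) {                      /* abort path: state deleted mid-task */
    struct symkey *sk = key_new();
    struct task *t = submit(sk);
    key_unref(&sk);                   /* the state drops its reference */
    worker_run(t);
    main_finish(t, NULL);
    return live_keys != 0;            /* exit status 0: nothing leaked */
}
```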
