]> git.ipfire.org Git - thirdparty/strongswan.git/commit
projects / thirdparty / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6f456af) | patch
ike-sa-manager: Make sure flush() removes entries that might get added concurrently
authorTobias Brunner <tobias@strongswan.org>
Fri, 26 Aug 2022 14:14:30 +0000 (16:14 +0200)
committerTobias Brunner <tobias@strongswan.org>
Tue, 20 Sep 2022 08:06:14 +0000 (10:06 +0200)
commit2740c50bb8056fde570146fcd5e2c703bd54a840
tree786c1c655ab6b56a67cda6cfbb36e252461d0c32tree
parent6f456afe39a91e91c61e3218e4ea9faa19c1a4ddcommit | diff
ike-sa-manager: Make sure flush() removes entries that might get added concurrently

Because flush() has to release the segment locks intermittently, threads
might add new entries (even with the change in the previous commit as the
IKE_SA might already be created, just not registered/checked in yet).

Since those entries are added to the front of the segment lists, the
enumerator in the previous step 2 didn't notice them and did not wait
for them to get checked in.  However, step 3 and 4 then proceeded to
delete and destroy the entry and IKE_SA, which could lead to a crash
once the other thread attempts to check in the already destroyed IKE_SA.

This change combines the three loops of steps 2-4 but then loops over
the whole table until it's actually empty.  This way we wait for and
destroy newly added entries.
src/libcharon/sa/ike_sa_manager.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.