From: Reto Buerki <reet@codelabs.ch>
Date: Thu, 30 Aug 2012 12:42:19 +0000 (+0200)
Subject: keymat: Acquire ISA context ID on initialization
X-Git-Tag: 5.0.3rc1~39^2~72
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bf1034a7764d10dece4744750d3ab42706131ec3;p=thirdparty%2Fstrongswan.git

keymat: Acquire ISA context ID on initialization
---

diff --git a/src/charon-tkm/src/tkm/tkm_keymat.c b/src/charon-tkm/src/tkm/tkm_keymat.c
index 3b1fd1cd20..50d93fc64d 100644
--- a/src/charon-tkm/src/tkm/tkm_keymat.c
+++ b/src/charon-tkm/src/tkm/tkm_keymat.c
@@ -56,6 +56,11 @@ struct private_tkm_keymat_t {
 	 */
 	aead_t *aead_out;
 
+	/**
+	 * ISA context id.
+	 */
+	isa_id_type isa_ctx_id;
+
 };
 
 /**
@@ -224,7 +229,8 @@ METHOD(tkm_keymat_t, derive_ike_keys, bool,
 	DBG1(DBG_IKE, "deriving IKE keys (nc: %llu, dh: %llu, spi_loc: %llx, "
 			"spi_rem: %llx)", nc_id, dh_id, spi_loc, spi_rem);
 	/* Fake some data for now */
-	if (ike_isa_create(1, 1, 1, dh_id, nc_id, nonce_rem, 1, spi_loc, spi_rem,
+	if (ike_isa_create(this->isa_ctx_id, 1, 1, dh_id, nc_id, nonce_rem, 1,
+				spi_loc, spi_rem,
 				&sk_ai, &sk_ar, &sk_ei, &sk_er) != TKM_OK)
 	{
 		DBG1(DBG_IKE, "key derivation failed");
@@ -318,7 +324,8 @@ METHOD(tkm_keymat_t, get_psk_sig, bool,
 	idx_type idx;
 	chunk_to_sequence(&idx_chunk, &idx);
 
-	if (ike_isa_sign_psk(1, msg, idx, verify == TRUE, &signature) != TKM_OK)
+	if (ike_isa_sign_psk(this->isa_ctx_id, msg, idx, verify == TRUE, &signature)
+			!= TKM_OK)
 	{
 		DBG1(DBG_IKE, "get %s PSK signature failed", verify ?
 				"remote" : "local");
@@ -332,6 +339,12 @@ METHOD(tkm_keymat_t, get_psk_sig, bool,
 METHOD(keymat_t, destroy, void,
 	private_tkm_keymat_t *this)
 {
+	if (ike_isa_reset(this->isa_ctx_id) != TKM_OK)
+	{
+		DBG1(DBG_IKE, "failed to reset ISA context %d", this->isa_ctx_id);
+	}
+	tkm->idmgr->release_id(tkm->idmgr, TKM_CTX_ISA, this->isa_ctx_id);
+
 	DESTROY_IF(this->aead_in);
 	DESTROY_IF(this->aead_out);
 	this->proxy->keymat.destroy(&this->proxy->keymat);
@@ -361,8 +374,15 @@ tkm_keymat_t *tkm_keymat_create(bool initiator)
 			.get_psk_sig = _get_psk_sig,
 		},
 		.initiator = initiator,
+		.isa_ctx_id = tkm->idmgr->acquire_id(tkm->idmgr, TKM_CTX_ISA),
 		.proxy = keymat_v2_create(initiator),
 	);
 
+	if (!this->isa_ctx_id)
+	{
+		free(this);
+		return NULL;
+	}
+
 	return &this->public;
 }