From 4ea739baf4150025d76de1aa7cfe92bb0659d9f1 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Mon, 2 Oct 2023 16:20:01 +0200 Subject: [PATCH] quick-mode: Maintain reference to reqid while CHILD_SA is established --- src/libcharon/sa/ikev1/tasks/quick_mode.c | 15 ++++++++++++++- src/libcharon/sa/ikev1/tasks/quick_mode.h | 4 ++++ 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.c b/src/libcharon/sa/ikev1/tasks/quick_mode.c index 3d2e3efbe4..e403c366d6 100644 --- a/src/libcharon/sa/ikev1/tasks/quick_mode.c +++ b/src/libcharon/sa/ikev1/tasks/quick_mode.c @@ -1432,7 +1432,16 @@ METHOD(quick_mode_t, get_mid, uint32_t, METHOD(quick_mode_t, use_reqid, void, private_quick_mode_t *this, uint32_t reqid) { - this->child.reqid = reqid; + uint32_t existing_reqid = this->child.reqid; + + if (!reqid || charon->kernel->ref_reqid(charon->kernel, reqid) == SUCCESS) + { + this->child.reqid = reqid; + if (existing_reqid) + { + charon->kernel->release_reqid(charon->kernel, existing_reqid); + } + } } METHOD(quick_mode_t, use_marks, void, @@ -1496,6 +1505,10 @@ METHOD(task_t, destroy, void, DESTROY_IF(this->child_sa); DESTROY_IF(this->config); DESTROY_IF(this->dh); + if (this->child.reqid) + { + charon->kernel->release_reqid(charon->kernel, this->child.reqid); + } free(this); } diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.h b/src/libcharon/sa/ikev1/tasks/quick_mode.h index 08aa15f46d..2b04894072 100644 --- a/src/libcharon/sa/ikev1/tasks/quick_mode.h +++ b/src/libcharon/sa/ikev1/tasks/quick_mode.h @@ -50,6 +50,10 @@ struct quick_mode_t { /** * Use a specific reqid to install this CHILD_SA. * + * This must only be called with dynamically allocated reqids (i.e. from + * kernel_interface_t::alloc_reqid()), the method takes a reference that's + * maintained for the lifetime of the task. + * * @param reqid reqid to use */ void (*use_reqid)(quick_mode_t *this, uint32_t reqid); -- 2.47.2