Skip to content
Permalink
Browse files

wo#8179 . defer freeing states until all references are clearly gone,…

… clear them out in the main loop
  • Loading branch information...
mcr authored and shussain committed Mar 7, 2019
1 parent 0de3220 commit 17b3db6c165f2127f210dbcf063f1fa525234728
Showing with 881 additions and 27 deletions.
  1. +3 −0 programs/pluto/server.c
  2. +24 −2 programs/pluto/state.c
  3. +1 −0 programs/pluto/state.h
  4. +43 −1 tests/unit/libpluto/lp02-parentI1/output.txt
  5. +0 −1 tests/unit/libpluto/lp02-parentI1/parentI1_main.c
  6. +43 −0 tests/unit/libpluto/lp06-parentR1notchosen/output.txt
  7. +0 −1 tests/unit/libpluto/lp06-parentR1notchosen/parentI1R1.c
  8. +2 −2 tests/unit/libpluto/lp08-parentR1/output1.txt
  9. +45 −1 tests/unit/libpluto/lp08-parentR1/output2.txt
  10. +45 −1 tests/unit/libpluto/lp08-parentR1/output3.txt
  11. +0 −1 tests/unit/libpluto/lp08-parentR1/parentR1_main.c
  12. +43 −1 tests/unit/libpluto/lp14-initiateself/output.txt
  13. +45 −1 tests/unit/libpluto/lp15-respondself/output1.txt
  14. +43 −1 tests/unit/libpluto/lp18-certificateselfI1/output.txt
  15. +45 −1 tests/unit/libpluto/lp19-certreplyselfR1/output1.txt
  16. +43 −1 tests/unit/libpluto/lp23-davecertI1/output.txt
  17. +43 −1 tests/unit/libpluto/lp27-dnsloadI1/output.txt
  18. +0 −1 tests/unit/libpluto/lp33-dnsload2/dnscpeI1.c
  19. +43 −0 tests/unit/libpluto/lp33-dnsload2/output.txt
  20. +43 −1 tests/unit/libpluto/lp36-h2hI1/output.txt
  21. +45 −1 tests/unit/libpluto/lp37-h2hR1/output1.txt
  22. +3 −1 tests/unit/libpluto/lp43-parentM1/output.txt
  23. +43 −1 tests/unit/libpluto/lp52-davecert-gatewayID-I1/output.txt
  24. +45 −1 tests/unit/libpluto/lp53-davecert-gatewayID-R1/output1.txt
  25. +43 −1 tests/unit/libpluto/lp61-nattI1/output.txt
  26. +45 −1 tests/unit/libpluto/lp62-nattR1/output1.txt
  27. +15 −1 tests/unit/libpluto/lp71-alg-h2hI1/output.txt
  28. +45 −1 tests/unit/libpluto/lp72-alg-h2hR1/output1.txt
  29. +43 −1 tests/unit/libpluto/lp76-s2s-while-h2h-I1/output.txt
@@ -591,6 +591,9 @@ call_server(void)
long next_time = next_event(); /* time to any pending timer event */
int maxfd = ctl_fd;

/* free up any states not yet freed */
do_state_frees();

if (sigtermflag)
exit_pluto(0);

@@ -308,6 +308,27 @@ rehash_state(struct state *st)
insert_state(st);
}

struct state *st_state_to_be_freed = NULL;
/*
* place a state onto a chain of states to delete in the main loop.
*/
static void
mark_state_freed(struct state *st)
{
st->st_hashchain_next = st_state_to_be_freed;
st_state_to_be_freed = st;
}

void
do_state_frees(void)
{
while(st_state_to_be_freed != NULL) {
struct state *tbf = st_state_to_be_freed;
st_state_to_be_freed = st_state_to_be_freed->st_hashchain_next;
free_state(tbf);
}
}

/* unlink a state object from the hash table, but don't free it
*/
void
@@ -567,8 +588,9 @@ delete_state(struct state *st)
change_state(st, STATE_UNDEFINED);
release_whack(st);

/* now actually delete the object */
free_state(st);
/* object is not deleted here, because it still exists in many stack
* frames, but instead is added to a to-be-freed list */
mark_state_freed(st);
}

/*
@@ -448,6 +448,7 @@ extern void state_eroute_usage(ip_subnet *ours, ip_subnet *his
, unsigned long count, time_t nw);
extern void free_state(struct state *st);
extern void delete_state(struct state *st);
extern void do_state_frees(void);
struct connection; /* forward declaration of tag */
extern void delete_states_by_connection(struct connection *c, bool relations);
extern void delete_p2states_by_connection(struct connection *c);
@@ -477,10 +477,46 @@ sending 892 bytes for ikev2_parent_outI1_common through eth0:500 [192.168.1.1:50
| ICOOKIE: 80 01 02 03 04 05 06 07
| RCOOKIE: 00 00 00 00 00 00 00 00
| state hash entry 4
| freeing state object #1
./parentI1 deleting connection
| pass 0: considering CHILD SAs to delete
| pass 1: considering PARENT SAs to delete
./parentI1 leak: saved first packet, item size: X
./parentI1 leak: reply packet for ikev2_parent_outI1_tail, item size: X
./parentI1 leak: sa in main_outI1, item size: X
./parentI1 leak: db_attrs, item size: X
./parentI1 leak: db_v2_trans, item size: X
./parentI1 leak: db_v2_prop_conj, item size: X
./parentI1 leak: db_v2_prop, item size: X
./parentI1 leak: db_attrs, item size: X
./parentI1 leak: db_v2_trans, item size: X
./parentI1 leak: db_v2_prop_conj, item size: X
./parentI1 leak: db_v2_trans, item size: X
./parentI1 leak: db_v2_prop_conj, item size: X
./parentI1 leak: db_v2_trans, item size: X
./parentI1 leak: db_v2_prop_conj, item size: X
./parentI1 leak: db_v2_trans, item size: X
./parentI1 leak: db_v2_prop_conj, item size: X
./parentI1 leak: db_v2_trans, item size: X
./parentI1 leak: db_v2_prop_conj, item size: X
./parentI1 leak: db_attrs, item size: X
./parentI1 leak: db_v2_trans, item size: X
./parentI1 leak: db_v2_prop_conj, item size: X
./parentI1 leak: db_attrs, item size: X
./parentI1 leak: db_v2_trans, item size: X
./parentI1 leak: db_v2_prop_conj, item size: X
./parentI1 leak: db_v2_trans, item size: X
./parentI1 leak: db_v2_prop_conj, item size: X
./parentI1 leak: db_v2_trans, item size: X
./parentI1 leak: db_v2_prop_conj, item size: X
./parentI1 leak: db_attrs, item size: X
./parentI1 leak: db_v2_trans, item size: X
./parentI1 leak: db_v2_prop_conj, item size: X
./parentI1 leak: db_attrs, item size: X
./parentI1 leak: db_v2_trans, item size: X
./parentI1 leak: db_v2_prop_conj, item size: X
./parentI1 leak: initiator nonce, item size: X
./parentI1 leak: long term secret, item size: X
./parentI1 leak: saved gi value, item size: X
./parentI1 leak: msg_digest, item size: X
./parentI1 leak: ikev2_outI1 KE, item size: X
./parentI1 leak: db_attrs, item size: X
@@ -514,6 +550,12 @@ sending 892 bytes for ikev2_parent_outI1_common through eth0:500 [192.168.1.1:50
./parentI1 leak: db_attrs, item size: X
./parentI1 leak: db_v2_trans, item size: X
./parentI1 leak: db_v2_prop_conj, item size: X
./parentI1 leak: 12 * sa copy attrs array, item size: X
./parentI1 leak: sa copy trans array, item size: X
./parentI1 leak: sa copy prop array, item size: X
./parentI1 leak: sa copy prop conj array, item size: X
./parentI1 leak: sa copy prop_conj, item size: X
./parentI1 leak: struct state in new_state(), item size: X
./parentI1 leak: policies path, item size: X
./parentI1 leak: ocspcerts path, item size: X
./parentI1 leak: aacerts path, item size: X
@@ -65,7 +65,6 @@ int main(int argc, char *argv[])
st = state_with_serialno(1);
if(st!=NULL) {
delete_state(st);
free_state(st);
}
#endif

@@ -206,6 +206,43 @@ sending 36 bytes for send_v2_notification through eth0:500 [192.168.1.1:500] to
| state transition function for no-state failed: AUTHENTICATION_FAILED
./parentI1R1 deleting state #1 (STATE_PARENT_I1)
./parentI1R1 leak: notification packet, item size: X
./parentI1R1 leak: saved first packet, item size: X
./parentI1R1 leak: reply packet for ikev2_parent_outI1_tail, item size: X
./parentI1R1 leak: sa in main_outI1, item size: X
./parentI1R1 leak: db_attrs, item size: X
./parentI1R1 leak: db_v2_trans, item size: X
./parentI1R1 leak: db_v2_prop_conj, item size: X
./parentI1R1 leak: db_v2_prop, item size: X
./parentI1R1 leak: db_attrs, item size: X
./parentI1R1 leak: db_v2_trans, item size: X
./parentI1R1 leak: db_v2_prop_conj, item size: X
./parentI1R1 leak: db_v2_trans, item size: X
./parentI1R1 leak: db_v2_prop_conj, item size: X
./parentI1R1 leak: db_v2_trans, item size: X
./parentI1R1 leak: db_v2_prop_conj, item size: X
./parentI1R1 leak: db_v2_trans, item size: X
./parentI1R1 leak: db_v2_prop_conj, item size: X
./parentI1R1 leak: db_v2_trans, item size: X
./parentI1R1 leak: db_v2_prop_conj, item size: X
./parentI1R1 leak: db_attrs, item size: X
./parentI1R1 leak: db_v2_trans, item size: X
./parentI1R1 leak: db_v2_prop_conj, item size: X
./parentI1R1 leak: db_attrs, item size: X
./parentI1R1 leak: db_v2_trans, item size: X
./parentI1R1 leak: db_v2_prop_conj, item size: X
./parentI1R1 leak: db_v2_trans, item size: X
./parentI1R1 leak: db_v2_prop_conj, item size: X
./parentI1R1 leak: db_v2_trans, item size: X
./parentI1R1 leak: db_v2_prop_conj, item size: X
./parentI1R1 leak: db_attrs, item size: X
./parentI1R1 leak: db_v2_trans, item size: X
./parentI1R1 leak: db_v2_prop_conj, item size: X
./parentI1R1 leak: db_attrs, item size: X
./parentI1R1 leak: db_v2_trans, item size: X
./parentI1R1 leak: db_v2_prop_conj, item size: X
./parentI1R1 leak: initiator nonce, item size: X
./parentI1R1 leak: long term secret, item size: X
./parentI1R1 leak: saved gi value, item size: X
./parentI1R1 leak: msg_digest, item size: X
./parentI1R1 leak: ikev2_outI1 KE, item size: X
./parentI1R1 leak: db_attrs, item size: X
@@ -239,6 +276,12 @@ sending 36 bytes for send_v2_notification through eth0:500 [192.168.1.1:500] to
./parentI1R1 leak: db_attrs, item size: X
./parentI1R1 leak: db_v2_trans, item size: X
./parentI1R1 leak: db_v2_prop_conj, item size: X
./parentI1R1 leak: 12 * sa copy attrs array, item size: X
./parentI1R1 leak: sa copy trans array, item size: X
./parentI1R1 leak: sa copy prop array, item size: X
./parentI1R1 leak: sa copy prop conj array, item size: X
./parentI1R1 leak: sa copy prop_conj, item size: X
./parentI1R1 leak: struct state in new_state(), item size: X
./parentI1R1 leak: 2 * keep id name, item size: X
./parentI1R1 leak: ID host_pair, item size: X
./parentI1R1 leak: host_pair, item size: X
@@ -128,7 +128,6 @@ int main(int argc, char *argv[])
st = state_with_serialno(1);
if(st!=NULL) {
delete_state(st);
free_state(st);
}

report_leaks();
@@ -229,7 +229,7 @@ sending 40 bytes for send_v2_notification through eth0:500 [132.213.238.7:500] t
| RCOOKIE: de bc 58 3a 8f 40 d0 cf
| state hash entry 28
| #1 complete v2 state transition with STF_FAIL+25
./parentR1 STATE_CHILDSA_DEL: INVALID_KEY_INFORMATION
./parentR1 STATE_UNDEFINED: INVALID_KEY_INFORMATION
./parentR1 sending notification ISAKMP_v2_SA_INIT/v2N_INVALID_KE_PAYLOAD to 192.168.1.1:500
| **emit ISAKMP Message:
| initiator cookie:
@@ -253,7 +253,7 @@ sending 36 bytes for send_v2_notification through eth0:500 [132.213.238.7:500] t
| 00 01 02 03 04 05 06 07 de bc 58 3a 8f 40 d0 cf
| 29 20 22 20 00 00 00 00 00 00 00 24 00 00 00 08
| 01 00 00 11
| state transition function for STATE_CHILDSA_DEL failed: INVALID_KEY_INFORMATION
| state transition function for STATE_UNDEFINED failed: INVALID_KEY_INFORMATION
./parentR1 deleting connection
| pass 0: considering CHILD SAs to delete
| pass 1: considering PARENT SAs to delete
@@ -335,11 +335,55 @@ sending 432 bytes for STATE_IKEv2_START through eth0:500 [132.213.238.7:500] to
| ICOOKIE: 80 01 02 03 04 05 06 07
| RCOOKIE: de bc 58 3a 8f 40 d0 cf
| state hash entry 28
| freeing state object #1
./parentR1 deleting connection
| pass 0: considering CHILD SAs to delete
| pass 1: considering PARENT SAs to delete
./parentR1 leak: reply packet, item size: X
./parentR1 leak: saved first packet, item size: X
./parentR1 leak: initiator nonce, item size: X
./parentR1 leak: long term secret, item size: X
./parentR1 leak: saved gi value, item size: X
./parentR1 leak: nonce, item size: X
./parentR1 leak: Gi, item size: X
./parentR1 leak: db_attrs, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_v2_prop, item size: X
./parentR1 leak: db_attrs, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_attrs, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_attrs, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_attrs, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_attrs, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: 12 * sa copy attrs array, item size: X
./parentR1 leak: sa copy trans array, item size: X
./parentR1 leak: sa copy prop array, item size: X
./parentR1 leak: sa copy prop conj array, item size: X
./parentR1 leak: sa copy prop_conj, item size: X
./parentR1 leak: saved first received packet, item size: X
./parentR1 leak: ikev2_inI1outR1 KE, item size: X
./parentR1 leak: struct state in new_state(), item size: X
./parentR1 leak: msg_digest, item size: X
./parentR1 leak: policies path, item size: X
./parentR1 leak: ocspcerts path, item size: X
@@ -328,11 +328,55 @@ sending 432 bytes for STATE_IKEv2_START through eth0:500 [132.213.238.7:500] to
| ICOOKIE: 80 01 02 03 04 05 06 07
| RCOOKIE: de bc 58 3a 8f 40 d0 cf
| state hash entry 28
| freeing state object #1
./parentR1 deleting connection
| pass 0: considering CHILD SAs to delete
| pass 1: considering PARENT SAs to delete
./parentR1 leak: reply packet, item size: X
./parentR1 leak: saved first packet, item size: X
./parentR1 leak: initiator nonce, item size: X
./parentR1 leak: long term secret, item size: X
./parentR1 leak: saved gi value, item size: X
./parentR1 leak: nonce, item size: X
./parentR1 leak: Gi, item size: X
./parentR1 leak: db_attrs, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_v2_prop, item size: X
./parentR1 leak: db_attrs, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_attrs, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_attrs, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_attrs, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: db_attrs, item size: X
./parentR1 leak: db_v2_trans, item size: X
./parentR1 leak: db_v2_prop_conj, item size: X
./parentR1 leak: 12 * sa copy attrs array, item size: X
./parentR1 leak: sa copy trans array, item size: X
./parentR1 leak: sa copy prop array, item size: X
./parentR1 leak: sa copy prop conj array, item size: X
./parentR1 leak: sa copy prop_conj, item size: X
./parentR1 leak: saved first received packet, item size: X
./parentR1 leak: ikev2_inI1outR1 KE, item size: X
./parentR1 leak: struct state in new_state(), item size: X
./parentR1 leak: msg_digest, item size: X
./parentR1 leak: policies path, item size: X
./parentR1 leak: ocspcerts path, item size: X
@@ -116,7 +116,6 @@ int main(int argc, char *argv[])
st = state_with_serialno(1);
if(st!=NULL) {
delete_state(st);
free_state(st);
}

delete_connection(c1, TRUE);
@@ -490,10 +490,46 @@ sending 892 bytes for ikev2_parent_outI1_common through eth0:500 [93.184.216.34:
| ICOOKIE: 80 01 02 03 04 05 06 07
| RCOOKIE: 00 00 00 00 00 00 00 00
| state hash entry 4
| freeing state object #1
./initiateselfI1 deleting connection
| pass 0: considering CHILD SAs to delete
| pass 1: considering PARENT SAs to delete
./initiateselfI1 leak: saved first packet, item size: X
./initiateselfI1 leak: reply packet for ikev2_parent_outI1_tail, item size: X
./initiateselfI1 leak: sa in main_outI1, item size: X
./initiateselfI1 leak: db_attrs, item size: X
./initiateselfI1 leak: db_v2_trans, item size: X
./initiateselfI1 leak: db_v2_prop_conj, item size: X
./initiateselfI1 leak: db_v2_prop, item size: X
./initiateselfI1 leak: db_attrs, item size: X
./initiateselfI1 leak: db_v2_trans, item size: X
./initiateselfI1 leak: db_v2_prop_conj, item size: X
./initiateselfI1 leak: db_v2_trans, item size: X
./initiateselfI1 leak: db_v2_prop_conj, item size: X
./initiateselfI1 leak: db_v2_trans, item size: X
./initiateselfI1 leak: db_v2_prop_conj, item size: X
./initiateselfI1 leak: db_v2_trans, item size: X
./initiateselfI1 leak: db_v2_prop_conj, item size: X
./initiateselfI1 leak: db_v2_trans, item size: X
./initiateselfI1 leak: db_v2_prop_conj, item size: X
./initiateselfI1 leak: db_attrs, item size: X
./initiateselfI1 leak: db_v2_trans, item size: X
./initiateselfI1 leak: db_v2_prop_conj, item size: X
./initiateselfI1 leak: db_attrs, item size: X
./initiateselfI1 leak: db_v2_trans, item size: X
./initiateselfI1 leak: db_v2_prop_conj, item size: X
./initiateselfI1 leak: db_v2_trans, item size: X
./initiateselfI1 leak: db_v2_prop_conj, item size: X
./initiateselfI1 leak: db_v2_trans, item size: X
./initiateselfI1 leak: db_v2_prop_conj, item size: X
./initiateselfI1 leak: db_attrs, item size: X
./initiateselfI1 leak: db_v2_trans, item size: X
./initiateselfI1 leak: db_v2_prop_conj, item size: X
./initiateselfI1 leak: db_attrs, item size: X
./initiateselfI1 leak: db_v2_trans, item size: X
./initiateselfI1 leak: db_v2_prop_conj, item size: X
./initiateselfI1 leak: initiator nonce, item size: X
./initiateselfI1 leak: long term secret, item size: X
./initiateselfI1 leak: saved gi value, item size: X
./initiateselfI1 leak: msg_digest, item size: X
./initiateselfI1 leak: ikev2_outI1 KE, item size: X
./initiateselfI1 leak: db_attrs, item size: X
@@ -527,6 +563,12 @@ sending 892 bytes for ikev2_parent_outI1_common through eth0:500 [93.184.216.34:
./initiateselfI1 leak: db_attrs, item size: X
./initiateselfI1 leak: db_v2_trans, item size: X
./initiateselfI1 leak: db_v2_prop_conj, item size: X
./initiateselfI1 leak: 12 * sa copy attrs array, item size: X
./initiateselfI1 leak: sa copy trans array, item size: X
./initiateselfI1 leak: sa copy prop array, item size: X
./initiateselfI1 leak: sa copy prop conj array, item size: X
./initiateselfI1 leak: sa copy prop_conj, item size: X
./initiateselfI1 leak: struct state in new_state(), item size: X
./initiateselfI1 leak: keep id name, item size: X
./initiateselfI1 leak: pubkey entry, item size: X
./initiateselfI1 leak: rfc3110 format of public key, item size: X
Oops, something went wrong.

0 comments on commit 17b3db6

Please sign in to comment.
You can’t perform that action at this time.