fixing some memory leaks

4 files changed, 31 insertions, 4 deletions

diff --git a/src/charon/encoding/payloads/endpoint_notify.c b/src/charon/encoding/payloads/endpoint_notify.c
index 03fc153c0..742643edc 100644
--- a/src/charon/encoding/payloads/endpoint_notify.c
+++ b/src/charon/encoding/payloads/endpoint_notify.c
@@ -316,6 +316,7 @@ static endpoint_notify_t *_clone(private_endpoint_notify_t *this)
 static status_t destroy(private_endpoint_notify_t *this)
 {
 	DESTROY_IF(this->endpoint);
+	DESTROY_IF(this->base);
 	free(this);
 	return SUCCESS;
 }
@@ -374,6 +375,7 @@ endpoint_notify_t *endpoint_notify_create_from_host(me_endpoint_type_t type, hos
 			break;
 	}
 	
+	/* FIXME: if there is more than one ip address we should vary this priority */
 	this->priority += 65535;
 	
 	if (!host)
@@ -390,7 +392,7 @@ endpoint_notify_t *endpoint_notify_create_from_host(me_endpoint_type_t type, hos
 			this->family = IPv6;
 			break;
 		default:
-			/* unsupported family type, we do not set the hsot
+			/* unsupported family type, we do not set the host
 			 * (family is set to NO_FAMILY) */
 			return &this->public;
 	}
diff --git a/src/charon/sa/connect_manager.c b/src/charon/sa/connect_manager.c
index 56a7823f4..4a06921e1 100644
--- a/src/charon/sa/connect_manager.c
+++ b/src/charon/sa/connect_manager.c
@@ -359,6 +359,8 @@ static void check_destroy(check_t *this)
 	chunk_free(&this->connect_id);
 	chunk_free(&this->endpoint_raw);
 	chunk_free(&this->auth);
+	DESTROY_IF(this->src);
+	DESTROY_IF(this->dst);
 	DESTROY_IF(this->endpoint);
 	free(this);
 }
@@ -373,6 +375,8 @@ static check_t *check_create()
 	this->connect_id = chunk_empty;
 	this->auth = chunk_empty;
 	this->endpoint_raw = chunk_empty;
+	this->src = NULL;
+	this->dst = NULL;
 	this->endpoint = NULL;
 	
 	this->mid = 0;
@@ -1020,7 +1024,9 @@ static void send_check(private_connect_manager_t *this, check_list_t *checklist,
 	message->set_destination(message, check->dst->clone(check->dst));
 	message->set_source(message, check->src->clone(check->src));
 	
-	message->set_ike_sa_id(message, ike_sa_id_create(0, 0, request));
+	ike_sa_id_t *ike_sa_id = ike_sa_id_create(0, 0, request);
+	message->set_ike_sa_id(message, ike_sa_id);
+	ike_sa_id->destroy(ike_sa_id);
 
 	message->add_notify(message, FALSE, ME_CONNECTID, check->connect_id);
 	DBG2(DBG_IKE, "send ME_CONNECTID %#B", &check->connect_id);
@@ -1050,6 +1056,7 @@ static void send_check(private_connect_manager_t *this, check_list_t *checklist,
 			packet->destroy(packet);
 		}
 	}
+	message->destroy(message);
 }
 
 /**
@@ -1323,7 +1330,9 @@ static void process_check(private_connect_manager_t *this, message_t *message)
 	check_t *check = check_create();
 	check->mid = message->get_message_id(message);
 	check->src = message->get_source(message);
+	check->src = check->src->clone(check->src);
 	check->dst = message->get_destination(message);
+	check->dst = check->dst->clone(check->dst);
 	
 	if (process_payloads(message, check) != SUCCESS)
 	{
diff --git a/src/charon/sa/ike_sa.c b/src/charon/sa/ike_sa.c
index 213aa0e14..58a344529 100644
--- a/src/charon/sa/ike_sa.c
+++ b/src/charon/sa/ike_sa.c
@@ -1087,6 +1087,7 @@ static status_t initiate(private_ike_sa_t *this, child_cfg_t *child_cfg)
 		{	/* FIXME: we should try to find a better solution to this */
 			SIG(CHILD_UP_SUCCESS, "mediation connection is already up and running");
 		}
+		DESTROY_IF(child_cfg);
 	}
 	else
 #endif /* ME */
diff --git a/src/charon/sa/tasks/ike_me.c b/src/charon/sa/tasks/ike_me.c
index 2d6862dc3..44f5c9f21 100644
--- a/src/charon/sa/tasks/ike_me.c
+++ b/src/charon/sa/tasks/ike_me.c
@@ -241,7 +241,7 @@ static void process_payloads(private_ike_me_t *this, message_t *message)
 }
 
 /**
- * Implementation of task_t.process for initiator
+ * Implementation of task_t.build for initiator
  */
 static status_t build_i(private_ike_me_t *this, message_t *message)
 {
@@ -512,7 +512,7 @@ static status_t process_i(private_ike_me_t *this, message_t *message)
 }
 
 /**
- * Implementation of task_t.process for initiator (mediation server)
+ * Implementation of task_t.build for initiator (mediation server)
  */
 static status_t build_i_ms(private_ike_me_t *this, message_t *message)
 {
@@ -556,14 +556,24 @@ static status_t process_r_ms(private_ike_me_t *this, message_t *message)
 	{
 		case IKE_SA_INIT:
 		{
+			/* FIXME: we should check for SA* and TS* payloads
+			 * if any are there send NO_ADDITIONAL_SAS back and delete this SA */
 			process_payloads(this, message);
 			return this->mediation ? NEED_MORE : SUCCESS;
 		}
 		case IKE_AUTH:
 		{
+			/* FIXME: we should check whether the current peer_config is configured
+			 * as mediation connection */
 			process_payloads(this, message);
 			break;
 		}
+		case CREATE_CHILD_SA:
+		{
+			/* FIXME: if this is not to rekey the IKE SA we have to return a
+			 * NO_ADDITIONAL_SAS and then delete the SA */
+			break;
+		}
 		case ME_CONNECT:
 		{
 			id_payload_t *id_payload;
@@ -633,8 +643,10 @@ static status_t build_r_ms(private_ike_me_t *this, message_t *message)
 				
 				endpoint = endpoint_notify_create_from_host(SERVER_REFLEXIVE, host, NULL);								
 				message->add_payload(message, (payload_t*)endpoint->build_notify(endpoint));
+				endpoint->destroy(endpoint);
 			}
 			
+			/* FIXME: we must delete any existing IKE_SAs */
 			charon->mediation_manager->update_sa_id(charon->mediation_manager,
 					this->ike_sa->get_other_id(this->ike_sa),
 					this->ike_sa->get_id(this->ike_sa));
@@ -728,7 +740,10 @@ static void relay(private_ike_me_t *this, identification_t *requester, chunk_t c
 	this->peer_id = requester->clone(requester);
 	this->connect_id = chunk_clone(connect_id);
 	this->connect_key = chunk_clone(connect_key);
+	
+	this->remote_endpoints->destroy_offset(this->remote_endpoints, offsetof(endpoint_notify_t, destroy));
 	this->remote_endpoints = endpoints->clone_offset(endpoints, offsetof(endpoint_notify_t, clone));
+	
 	this->response = response;
 }