author | Martin Willi <martin@strongswan.org> | 2008-12-09 14:34:15 +0000 |
---|---|---|
committer | Martin Willi <martin@strongswan.org> | 2008-12-09 14:34:15 +0000 |
commit | 7023d49ee166b17c7bff81ac4673e28a8f422a5d (patch) | |
tree | 4d73fc3030575facb45ad1ace2970cea2c848a48 /src | |
parent | a1466a3ec23dbbc75214b53392bd5a3777ca10cd (diff) | |
purge auth_info when IKE_SA is established, releases cert memory
Diffstat (limited to 'src')
-rw-r--r-- | src/charon/credentials/auth_info.c | 13 | ||||
-rw-r--r-- | src/charon/credentials/auth_info.h | 5 | ||||
-rw-r--r-- | src/charon/sa/ike_sa.c | 6 |
3 files changed, 22 insertions, 2 deletions
diff --git a/src/charon/credentials/auth_info.c b/src/charon/credentials/auth_info.c
index 42e1ea4c1..62d5ea9b3 100644
--- a/src/charon/credentials/auth_info.c
+++ b/src/charon/credentials/auth_info.c
@@ -560,9 +560,9 @@ static void destroy_item_value(item_t *item)
 }
 /**
- * Implementation of auth_info_t.destroy
+ * Implementation of auth_info_t.purge
 */
-static void destroy(private_auth_info_t *this)
+static void purge(private_auth_info_t *this)
 {
 item_t *item;
@@ -571,6 +571,14 @@ static void destroy(private_auth_info_t *this)
 destroy_item_value(item);
 free(item);
 }
+}
+
+/**
+ * Implementation of auth_info_t.destroy
+ */
+static void destroy(private_auth_info_t *this)
+{
+ purge(this);
 this->items->destroy(this->items);
 free(this);
 }
@@ -588,6 +596,7 @@ auth_info_t *auth_info_create()
 this->public.create_item_enumerator = (enumerator_t*(*)(auth_info_t*))create_item_enumerator;
 this->public.complies = (bool(*)(auth_info_t*, auth_info_t *))complies;
 this->public.merge = (void(*)(auth_info_t*, auth_info_t *other))merge;
+ this->public.purge = (void(*)(auth_info_t*))purge;
 this->public.equals = (bool(*)(auth_info_t*, auth_info_t *other))equals;
 this->public.destroy = (void(*)(auth_info_t*))destroy;
diff --git a/src/charon/credentials/auth_info.h b/src/charon/credentials/auth_info.h
index 52433433a..161698a65 100644
--- a/src/charon/credentials/auth_info.h
+++ b/src/charon/credentials/auth_info.h
@@ -172,6 +172,11 @@ struct auth_info_t {
 void (*merge)(auth_info_t *this, auth_info_t *other);
 /**
+ * Purge all items in auth_info.
+ */
+ void (*purge)(auth_info_t *this);
+
+ /**
 * Check two auth_infos for equality.
 *
 * @param other other item to compaire against this
diff --git a/src/charon/sa/ike_sa.c b/src/charon/sa/ike_sa.c
index fa04c0427..a4e17fdd3 100644
--- a/src/charon/sa/ike_sa.c
+++ b/src/charon/sa/ike_sa.c
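Review bot: The doc comment added for `purge` in auth_info.h says only "Purge all items in auth_info." and does not tell callers that the stored values themselves are released. The purge body in auth_info.c calls `destroy_item_value(item)` and `free(item)` for each entry, so a pointer a caller obtained earlier from this auth_info (a certificate, for instance) may no longer be valid after the call; whether that is a dropped reference or an outright free is not visible in these hunks. I would extend the comment to something like `* Purge all items in auth_info, destroying their values; pointers previously returned for items must not be used afterwards.` It is also worth stating that the auth_info object itself appears to remain usable, since only `destroy` tears down `this->items`.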
@@ -709,6 +709,12 @@ static void set_state(private_ike_sa_t *this, ike_sa_state_t state)
 break;
 }
 charon->bus->ike_state_change(charon->bus, &this->public, state);
+ if (state == IKE_ESTABLISHED)
+ { /* purge auth items after hook invocation, as they contain certs
+ * and other memory wasting elements */
+ this->my_auth->purge(this->my_auth);
+ this->other_auth->purge(this->other_auth);
+ }
 this->state = state;
 } |
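Review bot: Purging `my_auth` and `other_auth` in `set_state()` as soon as the state is `IKE_ESTABLISHED` leaves both sets empty for everything that runs afterwards, and nothing in the hunk shows that later consumers were checked. A code path that consults the peer's auth_info after establishment, or a bus listener that kept a pointer it read during `ike_state_change`, would now see no items or a stale pointer; whether such callers exist is not visible here and should be confirmed before merging. The two calls also assume both pointers are non-NULL at this point. I would spell the contract out in the comment, e.g. `/* auth items are valid only up to and including the IKE_ESTABLISHED hook; listeners must take their own references */`. The body of `set_state()` starts outside the hunk.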