New commits: commit ed91be1ba97e982b0ae6e0e2e8987448c6336a08 Merge: 531b917c77 85989a3e4e Author: Andrew Cagney <cag...@gnu.org> Date: Fri Sep 1 21:20:34 2023 -0400
conections: refcnt the state's .st_connection Merge remote-tracking branch 'github/connection-refcnt' commit 85989a3e4ed81bd97e9f10d4dc7b513dfa4ca3d4 Author: Andrew Cagney <cag...@gnu.org> Date: Sat Aug 26 18:32:46 2023 -0400 routing: update transitions commit ae67fbf304fc8f22e1b0bc25283dd6a31f6952fd Author: Andrew Cagney <cag...@gnu.org> Date: Fri Aug 25 22:36:19 2023 -0400 connections: when establishing, addref/delref when zapping old states For instance, in install_inbound_ipsec_sa() and ISAKMP_SA_established(). The code looks like: addref() strip states if instance unroute delref This is a hack on a hack: - the unroute() is a hack to get around teardown_ipsec_kernel_policies() leaving connections ROUTED_ONDEMAND the code should just call connection_unroute() but, currently, for historic reasons, directly unrouting an established tunnel isn't allowed - the addref/delref is to stop the connection disappearing before the unroute call happens commit f4aa064074374c9f672f4d374fc024cefee5db14 Author: Andrew Cagney <cag...@gnu.org> Date: Wed Aug 23 18:17:26 2023 -0400 connections: when deleting states grab a connection reference the model here is: stack_connection = addref(st->st_connection) strip connection of states et.al. delref(stack_connection) for a permanent connection the addref/delref are no-ops, but for unused instances, these stop the connection being deleted Note that there's still some curly code doing stuff like: co = st->connection->serialno strip connection of states cc = find_connection(co) that still lurkes in the code base. commit 5835f03b8a70204910a6442fb67c091f8ef521f2 Author: Andrew Cagney <cag...@gnu.org> Date: Tue Aug 22 09:49:20 2023 -0400 connections: addref/delref when initiating connections the model here is: connection = find_and_newref_connection_to_initiate() initiate connection; which takes a reference delref(connection) where find_and_newref_connection_to_initiate() - addref's permanent connections - instantiates template connections With IKEv2 the nested initiate functions follow the model closely IKEv1 is a bit tangled. Note that in addition to the initiate code, this also happens when instantiating connections when finding a better connection. The only got-ya is labeled-templates. Because the labeled-parent is permanent like it's reference isn't released. commit dd3319a8a97618c81d2fdf1330e78786e598a2f8 Author: Andrew Cagney <cag...@gnu.org> Date: Wed Aug 23 18:37:55 2023 -0400 routing: drop connection_has_interlopers hack commit cd207d98e0b0bb97ef2d7b5c71546115abff0748 Author: Andrew Cagney <cag...@gnu.org> Date: Fri Aug 25 16:22:07 2023 -0400 connections: make st_connection_delref() a no-op commit 6c2ad7ddf560669e65631bb92b51c4fb8986a741 Author: Andrew Cagney <cag...@gnu.org> Date: Tue Aug 22 07:10:44 2023 -0400 state: refcnt .st_connection _______________________________________________ Swan-commit mailing list Swan-commit@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-commit