Le Thu, 31 Jul 2008 15:21:36 +0200, Pawel Jakub Dawidek <pjd_at_FreeBSD.org> a écrit : Hello, > > I think that one problem is that the session id (ses->ses_id) is not > > updated when a free session is reused. The session id is set to > > zero by bzero() in padlock_freesession(). So we can have several > > active sessions with the same ses->ses_id == 0 if the sessions are > > reused. > > Great catch! What do you think about using old sessid? I think it's ok > to do so and a bit safer, because session ID is only 32bit long so we > may get collision once we start from 0 again. I agree, so just: padlock_freession() padlock_hash_free(ses); bzero(ses, sizeof(*ses)); ses->ses_used = 0; + ses->ses_id = sid; TAILQ_INSERT_HEAD(&sc->sc_sessions, ses, ses_next); I've made some tests with ipsec and openssl on the glxsb driver (it is quite the same code) and it looks good. Regards.Received on Thu Jul 31 2008 - 13:45:39 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:33 UTC