[PATCH 20/25] site: dynamically create and destroy transform instances

Ian Jackson ijackson at chiark.greenend.org.uk
Sat Jul 20 00:39:04 BST 2013


Rather than making three transform instances at setup time, and then
using setkey on them, we create transform instances as needed and
destroy them when we delete their keys.

This is necessary because we are going to support multiple different
kinds of transform, so each one of the three transforms might be of
different kinds (supplied by different secnet modules) at different
times.

The variables current.transform, auxiliary_key.transform and
new_transform can all be NULL now.

Signed-off-by: Ian Jackson <ijackson at chiark.greenend.org.uk>
---
 site.c |   31 ++++++++++++++++++++++---------
 1 files changed, 22 insertions(+), 9 deletions(-)

diff --git a/site.c b/site.c
index 5042af5..eb8460a 100644
--- a/site.c
+++ b/site.c
@@ -336,7 +336,8 @@ static void activate_new_key(struct site *st);
 
 static bool_t current_valid(struct site *st)
 {
-    return st->current.transform->valid(st->current.transform->st);
+    return st->current.transform &&
+	st->current.transform->valid(st->current.transform->st);
 }
 
 #define CHECK_AVAIL(b,l) do { if ((b)->size<(l)) return False; } while(0)
@@ -368,6 +369,19 @@ struct msg {
     char *sig;
 };
 
+static void set_new_transform(struct site *st)
+{
+    struct transform_if *generator=st->transform;
+    struct transform_inst_if *new_transform=generator->create(generator->st);
+    new_transform->setkey(new_transform->st,st->sharedsecret,
+			  st->sharedsecretlen,st->setup_priority);
+    if (st->new_transform) {
+	st->new_transform->delkey(st->new_transform->st);
+	st->new_transform->destroy(st->new_transform->st);
+    }
+    st->new_transform=new_transform;
+}
+
 struct xinfoadd {
     int32_t lenpos, afternul;
 };
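Review bot: set_new_transform() passes the result of `generator->create(generator->st)` straight to `new_transform->setkey(...)` without a NULL check. If a transform module's create can fail (its contract is not visible in this diff), that call dereferences NULL during key setup. Either guard it or state the assumption in a comment. The function also carries the ownership rule for `st->new_transform` and would benefit from a header comment such as `/* Replaces st->new_transform with a fresh instance keyed from st->sharedsecret; any previous instance has its key deleted and is destroyed. */`.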
@@ -641,8 +655,7 @@ static bool_t process_msg3(struct site *st, struct buffer_if *msg3,
 		       st->sharedsecret,st->sharedsecretlen);
 
     /* Set up the transform */
-    st->new_transform->setkey(st->new_transform->st,st->sharedsecret,
-			      st->sharedsecretlen,st->setup_priority);
+    set_new_transform(st);
 
     return True;
 }
@@ -688,8 +701,7 @@ static bool_t process_msg4(struct site *st, struct buffer_if *msg4,
     st->dh->makeshared(st->dh->st,st->dhsecret,st->dh->len,m.pk,
 		       st->sharedsecret,st->sharedsecretlen);
     /* Set up the transform */
-    st->new_transform->setkey(st->new_transform->st,st->sharedsecret,
-			      st->sharedsecretlen,st->setup_priority);
+    set_new_transform(st);
 
     return True;
 }
@@ -1027,9 +1039,10 @@ static void activate_new_key(struct site *st)
 static void delete_one_key(struct site *st, struct data_key *key,
 			   cstring_t reason, cstring_t which, uint32_t loglevel)
 {
-    if (!key->transform->valid(key->transform->st)) return;
+    if (!key->transform) return;
     if (reason) slog(st,loglevel,"%s deleted (%s)",which,reason);
     key->transform->delkey(key->transform->st);
+    key->transform->destroy(key->transform->st);
     key->key_timeout=0;
 }
 
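Review bot: delete_one_key() leaves `key->transform` pointing at the instance it has just passed to `destroy`, so the new `if (!key->transform) return;` guard cannot tell that the key is gone. A second call for the same key would run `delkey` and `destroy` again on an instance that has presumably been freed, and current_valid() would call `valid` through the same stale pointer. Add `key->transform=0;` directly after the `destroy` call, so the pointer follows the "can be NULL now" convention stated in the commit message. Unless another patch in the series clears the pointer, this is a use-after-free and double destroy on key-handling state.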
@@ -1659,9 +1672,9 @@ static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
     for (i=0; i<st->ncomms; i++)
 	st->comms[i]->request_notify(st->comms[i]->st, st, site_incoming);
 
-    st->current.transform=st->transform->create(st->transform->st);
-    st->auxiliary_key.transform=st->transform->create(st->transform->st);
-    st->new_transform=st->transform->create(st->transform->st);
+    st->current.transform=0;
+    st->auxiliary_key.transform=0;
+    st->new_transform=0;
     st->auxiliary_is_new=0;
 
     enter_state_stop(st);
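Review bot: Initialising the three pointers to 0 here means every dereference of `st->current.transform`, `st->auxiliary_key.transform` and `st->new_transform` must now tolerate NULL, but this diff only adds guards in current_valid() and delete_one_key(). Any other code in site.c that still calls through these pointers unconditionally (none is visible in this diff) would now dereference NULL whenever no key is set up, so each such site should be checked. As a style point, `NULL` states the pointer intent better than `0`, e.g. `st->new_transform=NULL;`. site_apply's body starts and ends outside the hunk.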
-- 
1.7.2.5



