[Openswan dev] Pluto crashes with preshared key, responders enabled pfs using 2.4.7
Michael Richardson
mcr at xelerance.com
Mon Jan 15 14:49:02 EST 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
>>>>> "Matthias" == Matthias Haas <mh at pompase.net> writes:
Matthias> Hello, I recently stumbled about a pluto crash while
Matthias> playing around with different configurations. I currently
Matthias> use openswan-2.4.7 at kernel 2.4.33.3.
Matthias> The crash seems to affect the responder to a preshared key
Matthias> connection, where just the responder has pfs activated. As
Matthias> soon as the client tries ti setup phase 2 the responder
Matthias> crashes. The initiator is not hit by this crash. At the
Matthias> moment I do not have the time to check whether this also
Matthias> affects non psk connection.
Do you have nhelpers=0?
Matthias> It stumbles about a not or still not initialized
Matthias> connection pointer in the assertion call demux.c 2414 as
Matthias> result is STF_INLINE. As STF_INLINE seems to be valid here
Matthias> I think the assertion should also be true for this
Matthias> result. Therefore I applied the following patch:
I agree that the patch should be correct.
Matthias> This patch fixed the crash. Atleast it works for me
Matthias> :-)). I do not know whether this is the right way to get
Matthias> rid of the crash. So please have a closer look at it.
Is this perfectly reproduceable?
If so, can you share the entire configuration with Paul?
- --
] Bear: "Me, I'm just the shape of a bear." | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Finger me for keys
iQEVAwUBRavZuICLcPvd0N1lAQJGOAf/bBTV6zNyuYN6YOZPx0tUhmbLbkC0uvug
bk766ToV/ZnGtkypVEQsFISlaBpickpdQB6zM9bOFI6rbsfFFphrBYNyfwCYQFAe
uaVdv3/sW3gfxxJ3Tek/T/nlkXMRfLZESe0j79+lhSfHbk6LJXymYfRMDY1FtWgs
0FM+TpU0NO3C/iG5psAw342Zwzo3QgwoIkFUHGD/l80C7pD9jjzYok7zi5N/f2I5
GWiEZm9F5E32jOgYOE0el6J9RJ6KcAqNy1tIxsA2MqE/LCkYuyCQQQpNcObtfDmA
jO1zMB9hW22ly0Ps91EyCm68VqpFJDWWOs5ICIK4aCEri7V9L2CGwA==
=Kd4p
-----END PGP SIGNATURE-----
More information about the Dev
mailing list