[Openswan dev] Pluto crashes with preshared key, responders enabled pfs using 2.4.7

Michael Richardson mcr at xelerance.com
Mon Jan 15 14:49:02 EST 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


>>>>> "Matthias" == Matthias Haas <mh at pompase.net> writes:
    Matthias> Hello, I recently stumbled about a pluto crash while
    Matthias> playing around with different configurations. I currently
    Matthias> use openswan-2.4.7 at kernel 2.4.33.3.

    Matthias> The crash seems to affect the responder to a preshared key
    Matthias> connection, where just the responder has pfs activated. As
    Matthias> soon as the client tries ti setup phase 2 the responder
    Matthias> crashes. The initiator is not hit by this crash. At the
    Matthias> moment I do not have the time to check whether this also
    Matthias> affects non psk connection.
 
  Do you have nhelpers=0?

    Matthias> It stumbles about a not or still not initialized
    Matthias> connection pointer in the assertion call demux.c 2414 as
    Matthias> result is STF_INLINE. As STF_INLINE seems to be valid here
    Matthias> I think the assertion should also be true for this
    Matthias> result. Therefore I applied the following patch:

  I agree that the patch should be correct.
  
    Matthias> This patch fixed the crash. Atleast it works for me
    Matthias> :-)). I do not know whether this is the right way to get
    Matthias> rid of the crash. So please have a closer look at it.

  Is this perfectly reproduceable?
  If so, can you share the entire configuration with Paul?

- -- 
]            Bear: "Me, I'm just the shape of a bear."          |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Finger me for keys

iQEVAwUBRavZuICLcPvd0N1lAQJGOAf/bBTV6zNyuYN6YOZPx0tUhmbLbkC0uvug
bk766ToV/ZnGtkypVEQsFISlaBpickpdQB6zM9bOFI6rbsfFFphrBYNyfwCYQFAe
uaVdv3/sW3gfxxJ3Tek/T/nlkXMRfLZESe0j79+lhSfHbk6LJXymYfRMDY1FtWgs
0FM+TpU0NO3C/iG5psAw342Zwzo3QgwoIkFUHGD/l80C7pD9jjzYok7zi5N/f2I5
GWiEZm9F5E32jOgYOE0el6J9RJ6KcAqNy1tIxsA2MqE/LCkYuyCQQQpNcObtfDmA
jO1zMB9hW22ly0Ps91EyCm68VqpFJDWWOs5ICIK4aCEri7V9L2CGwA==
=Kd4p
-----END PGP SIGNATURE-----

More information about the Dev mailing list