[Openswan dev] [Openswan Users] pluto segfaults when using SHA2 256 hash
Paul Wouters
paul at nohats.ca
Mon Feb 6 11:20:27 EST 2012
On Mon, 6 Feb 2012, Abhinav Bhagwat wrote:
> Thanks Paul. That works! After recompiling the kernel with icv_tuncbits=128
> I was able to successfully create a transport tunnel between linux and
> windows.
Great! Thanks for the feedback. I will add a check in "ipsec verify".
Paul
> ____________________________________________________________________________
> From: Paul Wouters <paul at nohats.ca>
> Sent: Friday, February 3, 2012 10:48 PM
> Subject: Re: [Openswan Users] pluto segfaults when using SHA2 256 hash
>
> On Thu, 2 Feb 2012, Abhinav Bhagwat wrote:
>
> > Thanks Paul. That works. However, I see another issue. If I connect two
> linux boxes it works fine.
> > Simiarly if I connect two windows boxes, it works fine. However, if I try
> to connect to a windows 2K8 box
> > to a linux box, it does not work. Phase 1 and phase 2 SAs are both
> successfully established. But, when I
> > telnet to windows box, the ESP packet reaches the windows box but there is
> not reply back. If I replace
> > sha256 with sha1, it all works fine.
>
> That is probably due to the SHA2 256 Linux bug. In all kernels up to
> 2.6.32 or so, the SHA256 was truncated. For newer kernels, it requires
> a different call via kernel_netlink to use the fixed up version of the
> XFM code that fixed the truncation.
>
> I started work on fixing that, but it did not yet quite work as
> expected.
>
> A quick and dirty hack could be to change the kernel truncation and
> recompile the kernel. That would be in linux-2.6.xx/net/crypto/xfrm_algo.c
> around the section:
>
> {
> .name = "hmac(sha256)",
> .compat = "sha256",
>
> .uinfo = {
> .auth = {
> .icv_truncbits = 96,
> .icv_fullbits = 256,
> }
> },
>
> While the draft had 96, the final RFC has fullbits/2, so you should make
> it 128. For sha256 it would be "256".
>
> I hope to get back on track to fix that so we can specify:
>
> phase2alg=aes128-sha2_256-128
>
> and
>
> phase2alg=aes128-sha2_256-96
>
> But those changes are more invasive then I had time for a few weeks ago.
>
> I'll forward another message to the list with details that did not make
> it to the dev archives.
>
> Paul
>
>
>
>
More information about the Dev
mailing list