[Openswan Users] CRLS in 2.1.0
Andreas Steffen
andreas.steffen at strongsec.net
Mon Mar 22 15:29:28 CET 2004
Paul Wouters wrote:
> On Mon, 22 Mar 2004, Niki Waibel wrote:
>
> Ken wrote:
>
>
>>>The crls.pem file cores seem to be machine specific - very hard to track
>>>down. If you have a copy of one that crashs pluto, if possible, give me a
>>>copy so we can test further.
>>
>>i have the same problem. pluto (openswan-2.1.0rc1) crashes when using a
>>/etc/ipsec.d/crls/crl.pem file (attached -- hope that's ok).
>
>
> The problem does not seem to be machine specific. I have succesfully core
> dumped my pluto with other people's crl.pem file.
I analyzed the openswan CRL core dump problem already on Feb 14 2003:
http://lists.openswan.org/pipermail/dev/2004-February/000057.html
As you see I located the error in certs.c:loaded_coded_file() where
the file size is not correctly determined. Using the same crl file
"warden-crl.pem" I could *not* reproduce this crash using
freeswan-2.04 with the X.509-1.5.3 patch
nor with strongwan-2.0.0.
> Hopefully we or Andreas will have a fix for this bug soon.
>
> Paul
Regards
Andreas
=======================================================================
Andreas Steffen e-mail: andreas.steffen at strongsec.com
strongSec GmbH home: http://www.strongsec.com
Alter Zürichweg 20 phone: +41 1 730 80 64
CH-8952 Schlieren (Switzerland) fax: +41 1 730 80 65
==========================================[strong internet security]===
More information about the Users
mailing list