[SRU] racoon crashes when racoon.conf contains sainfo section for ipv6
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ipsec-tools (Ubuntu) |
Fix Released
|
Medium
|
Chuck Short | ||
Intrepid |
Won't Fix
|
Medium
|
Chuck Short | ||
Jaunty |
Won't Fix
|
Medium
|
Chuck Short |
Bug Description
Binary package hint: ipsec-tools
It seems I am the only one on this planet using ipv6. Since ipsec-tools 0.7, when configuring v6 addresses in sainfo section of racoon.conf, racoon crashes:
$ sudo racoon -F
Foreground mode.
2009-05-09 19:14:34: INFO: @(#)ipsec-tools 0.7 (http://
2009-05-09 19:14:34: INFO: @(#)This product linked OpenSSL 0.9.8g 19 Oct 2007 (http://
2009-05-09 19:14:34: INFO: Reading configuration from "/etc/racoon/
2009-05-09 19:14:36: INFO: Resize address pool from 0 to 255
*** stack smashing detected ***: racoon terminated
======= Backtrace: =========
/lib/tls/
/lib/tls/
racoon[0x8073079]
racoon[0x808ac74]
racoon[0x808b015]
racoon[0x8091d8b]
racoon[0x80943e8]
racoon[0x804cfcd]
/lib/tls/
racoon[0x804cb71]
======= Memory map: ========
08048000-080bb000 r-xp 00000000 08:01 84214 /usr/sbin/racoon
080bb000-080bc000 rw-p 00072000 08:01 84214 /usr/sbin/racoon
080bc000-080e3000 rw-p 080bc000 00:00 0 [heap]
..
Now, this happens without even communicating with the far end.
To reproduce, take for example this rather minimal racoon.conf:
---- 8< ----
remote ::2 {
exchange_mode main;
proposal {
encryption_
hash_algorithm sha1;
authenticat
dh_group 2;
}
}
sainfo address ::1 any address ::2 any
{
}
sainfo address ::2 any address ::1 any
{
}
---- 8< ----
and start racoon in the forground - it will crash instantly.
Source package: ipsec-tools_
Related branches
- Steve Beattie (community): Approve (sru)
-
Diff: 235 lines5 files modifieddebian/changelog (+25/-0)
src/racoon/crypto_openssl.c (+2/-0)
src/racoon/ipsec_doi.c (+41/-23)
src/racoon/isakmp_frag.c (+2/-1)
src/racoon/nattraversal.c (+11/-4)
- Steve Beattie (community): Approve (sru)
-
Diff: 235 lines5 files modifieddebian/changelog (+25/-0)
src/racoon/crypto_openssl.c (+2/-0)
src/racoon/ipsec_doi.c (+41/-23)
src/racoon/isakmp_frag.c (+2/-1)
src/racoon/nattraversal.c (+11/-4)
Changed in ipsec-tools (Ubuntu): | |
assignee: | nobody → Ubuntu Core Development Team (ubuntu-core-dev) |
assignee: | Ubuntu Core Development Team (ubuntu-core-dev) → nobody |
Changed in ipsec-tools (Ubuntu Intrepid): | |
assignee: | nobody → Chuck Short (zulcss) |
Changed in ipsec-tools (Ubuntu Jaunty): | |
assignee: | nobody → Chuck Short (zulcss) |
Changed in ipsec-tools (Ubuntu Intrepid): | |
status: | New → In Progress |
Changed in ipsec-tools (Ubuntu Jaunty): | |
status: | New → In Progress |
Changed in ipsec-tools (Ubuntu Intrepid): | |
importance: | Undecided → Medium |
Changed in ipsec-tools (Ubuntu Jaunty): | |
importance: | Undecided → Medium |
The attached patch fixes the problem. A new release will be issued by the ipsec-tools development team (0.7.3).