[prev in list] [next in list] [prev in thread] [next in thread]
List: ipsec-tools-devel
Subject: [Ipsec-tools-devel] racoon broken and crashes when racoon.conf
From: Fredrik Ljunggren <fredrik () kirei ! se>
Date: 2009-05-09 18:27:25
Message-ID: E9DB5A7D-4860-4952-B4D4-E638EDB61820 () kirei ! se
[Download RAW message or body]
It seems as since ipsec-tools 0.7, racoon is broken when configuring
v6 addresses in sainfo section of racoon.conf:
$ sudo racoon -F
Foreground mode.
2009-05-09 19:14:34: INFO: @(#)ipsec-tools 0.7 (http://ipsec-tools.sourceforge.net
)
2009-05-09 19:14:34: INFO: @(#)This product linked OpenSSL 0.9.8g 19
Oct 2007 (http://www.openssl.org/)
2009-05-09 19:14:34: INFO: Reading configuration from "/etc/racoon/
racoon.conf"
2009-05-09 19:14:36: INFO: Resize address pool from 0 to 255
*** stack smashing detected ***: racoon terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7c63138]
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x0)[0xb7c630f0]
racoon[0x8073079]
racoon[0x808ac74]
racoon[0x808b015]
racoon[0x8091d8b]
racoon[0x80943e8]
racoon[0x804cfcd]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe0)[0xb7b8c450]
racoon[0x804cb71]
======= Memory map: ========
08048000-080bb000 r-xp 00000000 08:01 84214 /usr/sbin/racoon
080bb000-080bc000 rw-p 00072000 08:01 84214 /usr/sbin/racoon
080bc000-080e3000 rw-p 080bc000 00:00 0 [heap]
..
Now, this happens without even communicating with the far end.
To reproduce, take for example this rather minimal (and silly)
racoon.conf:
---- 8< ----
remote ::2 {
exchange_mode main;
proposal {
encryption_algorithm aes;
hash_algorithm sha1;
authentication_method pre_shared_key;
dh_group 2;
}
}
sainfo address ::1 any address ::2 any
{
encryption_algorithm aes;
authentication_algorithm hmac_sha1;
compression_algorithm deflate;
}
sainfo address ::2 any address ::1 any
{
encryption_algorithm aes;
authentication_algorithm hmac_sha1;
compression_algorithm deflate;
}
---- 8< ----
and start racoon in the forground - it will crash instantly.
This has been verified with fresh build from source (0.7.2) on ubuntu
linux 8.04 and 9.04. It has been reported to the ubuntu team aswell.
regards,
-- Fredrik
------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing
server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
Ipsec-tools-devel mailing list
Ipsec-tools-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipsec-tools-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic