'[Ipsec-tools-devel] racoon broken and crashes when racoon.conf'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipsec-tools-devel
Subject:    [Ipsec-tools-devel] racoon broken and crashes when racoon.conf
From:       Fredrik Ljunggren <fredrik () kirei ! se>
Date:       2009-05-09 18:27:25
Message-ID: E9DB5A7D-4860-4952-B4D4-E638EDB61820 () kirei ! se
[Download RAW message or body]

It seems as since ipsec-tools 0.7, racoon is broken when configuring  
v6 addresses in sainfo section of racoon.conf:

$ sudo racoon -F
Foreground mode.
2009-05-09 19:14:34: INFO: @(#)ipsec-tools 0.7 (http://ipsec-tools.sourceforge.net 
)
2009-05-09 19:14:34: INFO: @(#)This product linked OpenSSL 0.9.8g 19  
Oct 2007 (http://www.openssl.org/)
2009-05-09 19:14:34: INFO: Reading configuration from "/etc/racoon/ 
racoon.conf"
2009-05-09 19:14:36: INFO: Resize address pool from 0 to 255
*** stack smashing detected ***: racoon terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7c63138]
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x0)[0xb7c630f0]
racoon[0x8073079]
racoon[0x808ac74]
racoon[0x808b015]
racoon[0x8091d8b]
racoon[0x80943e8]
racoon[0x804cfcd]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe0)[0xb7b8c450]
racoon[0x804cb71]
======= Memory map: ========
08048000-080bb000 r-xp 00000000 08:01 84214 /usr/sbin/racoon
080bb000-080bc000 rw-p 00072000 08:01 84214 /usr/sbin/racoon
080bc000-080e3000 rw-p 080bc000 00:00 0 [heap]
..

Now, this happens without even communicating with the far end.

To reproduce, take for example this rather minimal (and silly)  
racoon.conf:

---- 8< ----

remote ::2 {
  exchange_mode main;
  proposal {
    encryption_algorithm aes;
    hash_algorithm sha1;
    authentication_method pre_shared_key;
    dh_group 2;
  }
}

sainfo address ::1 any address ::2 any
{
       encryption_algorithm aes;
       authentication_algorithm hmac_sha1;
       compression_algorithm deflate;
}

sainfo address ::2 any address ::1 any
{
       encryption_algorithm aes;
       authentication_algorithm hmac_sha1;
       compression_algorithm deflate;
}

---- 8< ----

and start racoon in the forground - it will crash instantly.

This has been verified with fresh build from source (0.7.2) on ubuntu  
linux 8.04 and 9.04. It has been reported to the ubuntu team aswell.



regards,

-- Fredrik

------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing 
server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
Ipsec-tools-devel mailing list
Ipsec-tools-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipsec-tools-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic