"D. Hugh Redelmeier" wrote:
>
> | From: Bryan Bayerdorffer <bryan.bayerdorffer_at_analog.com>
> |
> | 1.95 from debian package, custom 2.4.17 (also tried .18) kernel. 1.95 was
> | running ok with 2.4.17 before upgrading from debian stable to unstable. library
> | incomaptibility?
>
> I don't recognize this bug. I also don't recognize the source: the
> assertion failed in a line that isn't in 1.95. I am guessing that the
> reason is that you are using the X.509 patch. So I guess that this is
> one for Andreas.
>
> A core dump might help. So too a barf.
>
> Hugh Redelmeier
> hugh_at_mimosa.com voice: +1 416 482-8253
Bryan, I think you are using a debian release containing the AES patch
v0.7.2a from JuanJo Ciarlante which has a dynamic memory allocation bug
causing memory to be freed multiple times. Unfortunately the X.509
patch gets these memory chunks leading to the strange crash you
describe above. The bug posting
http://lists.freeswan.org/pipermail/bugs/2002-March/000210.html
explains the details.
To make sure that your release contains the AES patch, type
ipsec auto --status
and verify if something of the kind
00 algorithm ESP encrypt: id=3, name=ESP_3DES
000 algorithm ESP encrypt: id=12, name=ESP_AES
000 algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5
000 algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1
can be found near the top of the listing.
To fix this bug you can use the incremental patch from JuanJo
attached to this mail. Apply it in the top freeswan-1.95 source directory
and type
make programs
make install
ipsec setup restart
to recompile and restart Pluto.
Regards
Andreas
P.S. The bug has been fixed in v0.7.2b of the AES patch and the
corrected version can be downloaded from
http://www.irrigacion.gov.ar/juanjo/ipsec/
======================================================================
Andreas Steffen e-mail: andreas.steffen_at_zhwin.ch
Zuercher Hochschule Winterthur home: http://www.zhwin.ch/~sna/
CH-8401 Winterthur (Switzerland) phone: +41 76 340 25 56
===============================================================[ZHW]==
Index: freeswan/pluto/Makefile
===================================================================
RCS file: /home/jjo/cvs.juanjo/freeswan/pluto/Makefile,v
retrieving revision 1.1.1.1.2.1
diff -u -u -r1.1.1.1.2.1 Makefile
--- freeswan/pluto/Makefile 8 Mar 2002 15:21:59 -0000 1.1.1.1.2.1
+++ freeswan/pluto/Makefile 10 Mar 2002 00:21:30 -0000
@@ -160,7 +160,7 @@
../utils/manlink $(FMANDIR) ipsec.secrets.5
OBJSPLUTO:= kernel_alg.o alg_info.o $(OBJSPLUTO)
-alg_info_test: alg_info_test.o alg_info.o constants.o defs.o log.o $(FREESWANLIB)
+alg_info_test: alg_info_test.o alg_info.o kernel_alg.o constants.o defs.o log.o $(FREESWANLIB)
$(CC) -o $@ $^ $(LIBSPLUTO)
$(BINNAMEPLUTO): $(OBJSPLUTO)
Index: freeswan/pluto/alg_info.c
===================================================================
RCS file: /home/jjo/cvs.juanjo/freeswan/pluto/Attic/alg_info.c,v
retrieving revision 1.1.2.1
diff -u -u -r1.1.2.1 alg_info.c
--- freeswan/pluto/alg_info.c 8 Mar 2002 15:21:59 -0000 1.1.2.1
+++ freeswan/pluto/alg_info.c 12 Mar 2002 01:00:15 -0000
@@ -84,7 +84,8 @@
out:
return ret;
}
-void alg_info_free(struct alg_info *alg_info) {
+void
+alg_info_free(struct alg_info *alg_info) {
pfreeany(alg_info);
}
/*
@@ -419,6 +420,38 @@
alg_info_free(alg_info);
return NULL;
}
+/*
+ * alg_info struct can be shared by
+ * several connections instances,
+ * handle free() with ref_cnts
+ */
+void
+alg_info_addref(struct alg_info *alg_info)
+{
+ if (alg_info != NULL) {
+ alg_info->ref_cnt++;
+ DBG(DBG_CRYPT, DBG_log(__FUNCTION__ "() "
+ "alg_info->ref_cnt=%d", alg_info->ref_cnt));
+ }
+}
+void
+alg_info_delref(struct alg_info **alg_info_p)
+{
+ struct alg_info *alg_info=*alg_info_p;
+ if (alg_info != NULL) {
+ passert(alg_info->ref_cnt != 0);
+ alg_info->ref_cnt--;
+ DBG(DBG_CRYPT, DBG_log(__FUNCTION__ "() "
+ "alg_info->ref_cnt=%d", alg_info->ref_cnt));
+ if (alg_info->ref_cnt==0) {
+ DBG(DBG_CRYPT, DBG_log(__FUNCTION__ "() "
+ "freeing alg_info"));
+ alg_info_free(alg_info);
+ }
+ *alg_info_p=NULL;
+ }
+}
+
int
alg_info_snprint(char *buf, int buflen, struct alg_info *alg_info)
{
Index: freeswan/pluto/alg_info.h
===================================================================
RCS file: /home/jjo/cvs.juanjo/freeswan/pluto/Attic/alg_info.h,v
retrieving revision 1.1.2.1
diff -u -u -r1.1.2.1 alg_info.h
--- freeswan/pluto/alg_info.h 8 Mar 2002 15:21:59 -0000 1.1.2.1
+++ freeswan/pluto/alg_info.h 9 Mar 2002 22:21:39 -0000
@@ -31,6 +31,7 @@
#define alg_info_esp esp_info
struct alg_info {
int alg_info_cnt;
+ int ref_cnt;
struct alg_info_esp alg_info_esp[64]; /* static for now */
};
#define esp_ealg_id transid
@@ -38,6 +39,8 @@
#define esp_ealg_keylen enckeylen /* bits */
#define esp_aalg_keylen authkeylen /* bits */
void alg_info_free(struct alg_info *alg_info);
+void alg_info_addref(struct alg_info *alg_info);
+void alg_info_delref(struct alg_info **alg_info);
struct alg_info *alg_info_create_from_str(const char *alg_str, const char **err_p);
int alg_info_parse(const char *str);
int alg_info_snprint(char *buf, int buflen, struct alg_info *alg_info);
Index: freeswan/pluto/alg_info_test.c
===================================================================
RCS file: /home/jjo/cvs.juanjo/freeswan/pluto/Attic/alg_info_test.c,v
retrieving revision 1.1.2.1
diff -u -u -r1.1.2.1 alg_info_test.c
--- freeswan/pluto/alg_info_test.c 8 Mar 2002 15:21:59 -0000 1.1.2.1
+++ freeswan/pluto/alg_info_test.c 10 Mar 2002 00:20:47 -0000
@@ -32,6 +32,7 @@
alg_info_snprint(buf, sizeof(buf), ai);
puts(buf);
}
+ alg_info_addref(ai);
ALG_INFO_FOREACH(ai, ai_e, i) {
printf("(%d = \"%s\" [%d], ",
ai_e->esp_ealg_id,
@@ -42,7 +43,7 @@
enum_name(&auth_alg_names, ai_e->esp_aalg_id),
ai_e->esp_aalg_keylen);
}
- alg_info_free(ai);
+ alg_info_delref(&ai);
return 0;
err:
if (err)
Index: freeswan/pluto/connections.c
===================================================================
RCS file: /home/jjo/cvs.juanjo/freeswan/pluto/connections.c,v
retrieving revision 1.1.1.1.2.1
diff -u -u -r1.1.1.1.2.1 connections.c
--- freeswan/pluto/connections.c 8 Mar 2002 15:21:59 -0000 1.1.1.1.2.1
+++ freeswan/pluto/connections.c 9 Mar 2002 22:23:56 -0000
@@ -289,7 +289,7 @@
free_id_content(&c->that.id);
pfreeany(c->that.updown);
gw_delref(&c->gw_info);
- alg_info_free(c->alg_info);
+ alg_info_delref(&c->alg_info);
pfree(c);
}
@@ -653,16 +653,17 @@
alg_info_snprint(buf, sizeof(buf), c->alg_info);
DBG_log("esp string values: %s", buf);
);
- if (!c->alg_info) {
+ if (c->alg_info) {
+ if (c->alg_info->alg_info_cnt==0) {
+ loglog(RC_LOG_SERIOUS
+ , "got 0 transforms for esp=\"%s\""
+ , wm->esp);
+ }
+ } else {
loglog(RC_LOG_SERIOUS
, "esp string error: %s"
, ugh? ugh : "Unknown");
}
- if (c->alg_info->alg_info_cnt==0) {
- loglog(RC_LOG_SERIOUS
- , "got 0 transforms for esp=\"%s\""
- , wm->esp);
- }
}
c->sa_ike_life_seconds = wm->sa_ike_life_seconds;
@@ -707,6 +708,7 @@
c->gw_info = NULL;
unshare_connection_strings(c);
+ alg_info_addref(c->alg_info);
(void)orient(c);
connect_to_host_pair(c);
@@ -771,6 +773,7 @@
d->that.id = *his_id;
}
unshare_connection_strings(d);
+ alg_info_addref(d->alg_info);
d->kind = CK_INSTANCE;
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:42 CEST