[Swan-commit] Changes to ref refs/heads/master
Paul Wouters
paul at vault.libreswan.fi
Wed Feb 8 22:43:49 UTC 2017
New commits:
commit 7465fb8056cd012d6102eb398eab5d03ba697b95
Author: Paul Wouters <pwouters at redhat.com>
Date: Wed Feb 8 17:36:48 2017 -0500
pluto: orient() could lead to a crash when using SPLIT_INC without remote-peer-type=cisco
The code around checking the spd_list seemed redundant, as the local side would always
be the same for all spd_list entries. Therefore, the entire loop was removed, which
also avoids the original issue of needing remote-peer-type=cisco.
As reported by Oleg Rosowiecki:
The crash occurs in delete_liveness_event() for the old state, which is already wiped out.
delete_liveness_event() is called by timer_event_cb() at timer.c:736
As I wrote before, the premature state removal is caused by the orient() function. We try to orient the
connection anew and the orient() function detects the condition that "both sides of ... are our
interface", terminates the connection and deletes the previous state object along the way.
More information about the Swan-commit
mailing list