[Swan-dev] pluto: Fix nat_traversal assertion failure in main_inI1_outR1

Paul Wouters paul at nohats.ca
Fri May 8 23:47:28 EEST 2015

On Wed, 29 Apr 2015, Herbert Xu wrote:

> The function main_inI1_outI1 increments numvidtosend when it
> calculates what vendor IDs will be sent.  It then decrements
> it when actually sending out those IDs.
> Therefore it is paramount that the same condition be used in
> both cases for a given vendor ID.  However, for nat_traversal
> we end up using different conditions, causing a potential imbalance
> and crash.
> This patch fixes it by using the same condition for both.

> 	/* Increase VID counter for NAT-T VID */
> -	if (nat_traversal_enabled && md->quirks.qnat_traversal_vid != VID_none) {
> +	if (st->hidden_variables.st_nat_traversal != LEMPTY) {
> 		DBG(DBG_NATT, DBG_log("nat-t detected, sending nat-t VID"));
> 		numvidtosend++;

It was actually using the same condition. At the start of the function
it calls set_nat_traversal() with the md, which checks for
nat_traversal_enabled and md->quirks.qnat_traversal_vid != VID_none
before setting st->hidden_variables.st_nat_traversal, so it is the
same condition, but it is not very obvious. As your patch makes that
more obvious, I applied it.



More information about the Swan-dev mailing list