[Swan-dev] crash introduced in c2ea0911 while replacing IKEv1 ISKAMP SA
Tuomo Soini
tis at foobar.fi
Wed Nov 2 18:32:01 UTC 2016
On Sat, 29 Oct 2016 19:10:18 +0200
Antony Antony <antony at phenome.org> wrote:
> c2ea0911 introduced a crasher for IKEv1. When pluto replace IKE SA
> and delete itself.
>
> #0 0x00005610ca3c34b7 in free_generalNames (gn=0xe, free_name=1)
> at /home/build/libreswan/lib/libswan/x509dn.c:742
> #1 0x00005610ca329edb in delete_state (st=0x5610cb16eaa0)
> at /home/build/libreswan/programs/pluto/state.c:922
>
> I think Tuomo also noticed this crasher. He mentioned that he is
> working on it on IRC. Here is a simple fix for it. Possibly there is
> a better way to clean up freeing st_requested_ca.
>
> leak detect was not enabled when I tried. It seems to have
> disappeared again.
>
> I wonder if the c2ea0911 was only tested for IKEv2? IKEv2 does not
> seems to have this issue. Or possibly interoperating with other
> implemenations?
>
> -antony
>
> PS: in the testcase you could test it in ikev2-20-ikesa-replace
> change ikev2=never on road.conf and east.conf.
>
> https://bugs.libreswan.org/show_bug.cgi?id=276
The patch in this bug was cause for the crasher. I reverted it with
commit 14348a4e3433881a56ac8463c2d052ba03428197.
--
Tuomo Soini <tis at foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <http://foobar.fi/>
More information about the Swan-dev
mailing list