Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 19 Dec 2002 15:10:35 -0500 (EST)
From:      Andriy Gapon <avg@icyb.net.ua>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   ports/46381: racoon coredumps when talking to win2k
Message-ID:  <200212192010.gBJKAZTR067773@edge.foundation.invalid>
next in thread | raw e-mail | index | archive | help 

>Number:         46381
>Category:       ports
>Synopsis:       racoon coredumps when talking to win2k
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Dec 19 12:20:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     Andriy Gapon
>Release:        FreeBSD 4.7-RELEASE-p2 i386
>Organization:
>Environment:
System: FreeBSD edge.foundation.invalid 4.7-RELEASE-p2 FreeBSD 4.7-RELEASE-p2 #0: Tue Nov 19 17:28:50 EST 2002 avg@edge.foundation.invalid:/sys-devel/obj/sys-devel/src/sys/EDGE i386


	racoon version 20021120a	
>Description:
	racoon succesfully establishes SA with Win2K host for tunnel mode ipsec
	and shortly after that coredumps.
	Here's a stacktrace:

	Core was generated by `racoon'.
	Program terminated with signal 11, Segmentation fault.
	Reading symbols from /usr/lib/libcrypto.so.2...done.
	Reading symbols from /usr/lib/libssl.so.2...done.
	Reading symbols from /usr/lib/libc.so.4...done.
	Reading symbols from /usr/libexec/ld-elf.so.1...done.
	#0  0x804d7e9 in isakmp_send (iph1=0x0, sbuf=0x80b7a80) at isakmp.c:1410
	1410            s = getsockmyaddr(iph1->local);
	(gdb) bt
	#0  0x804d7e9 in isakmp_send (iph1=0x0, sbuf=0x80b7a80) at isakmp.c:1410
	#1  0x804d985 in isakmp_ph2resend (iph2=0x80a2400) at isakmp.c:1484
	#2  0x804d95d in isakmp_ph2resend_stub (p=0x80a2400) at isakmp.c:1467
	#3  0x8074b30 in schedular () at schedule.c:96
	#4  0x804b2a6 in session () at session.c:133
	#5  0x804b07d in main (ac=3, av=0xbfbff794) at main.c:250
	#6  0x804ac51 in _start ()
	
	as you can see coredump is due to iph1 argument to isakmp_send
	being NULL. Why this happens I am not sure.

>How-To-Repeat:
	see above
>Fix:

	work-around can be to check iph2.iph1 for NULL in isakmp_ph2resend
	and ignore a resend request. But I don't know if this would do a right
	thing, since I have no clue about a root cause.


>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200212192010.gBJKAZTR067773>