Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 232508 - LSPP: racoon segfaults between a 64bit platfom and a 32 bit platform.
Summary: LSPP: racoon segfaults between a 64bit platfom and a 32 bit platform.
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: ipsec-tools
Version: 5.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
: ---
Assignee: Steve Conklin
QA Contact: David Lawrence
URL:
Whiteboard:
Depends On:
Blocks: 234654 RHEL5LSPPCertTracker
TreeView+ depends on / blocked
 
Reported: 2007-03-15 19:59 UTC by Joy Latten
Modified: 2007-11-30 22:07 UTC (History)
6 users (show)

Fixed In Version: RHSA-2007-0342
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-06-27 14:18:16 UTC


Attachments (Terms of Use)
Patch to fix racoon segfault between 32bit and 64bit machines. (deleted)
2007-03-19 23:39 UTC, Joy Latten
no flags Details | Diff

Description Joy Latten 2007-03-15 19:59:59 UTC
Description of problem:
Racoon daemon built on a 64-bit platform segfaults when setting the security
context into a proposal from a 32 bit platform. 

Version-Release number of selected component (if applicable):
ipsec-tools-0.6.5-6

How reproducible:
Happens all the time when negotiating between a 64-bit and 32-bit built app.

Steps to Reproduce:
1.setup ipsec policy between a ppc (with 32 bit apps) and a x86_64 (with 64-bit
apps)
2. start racoon on both machines
3. do a ping from a 64-bit to 32-bit or vice versa
  
Actual results:
(gdb) where
#0  0x0fec7354 in _wordcopy_fwd_aligned () from /lib/libc.so.6
#1  0x0fec7270 in memcpy () from /lib/libc.so.6
#2  0x100423e4 in set_secctx_in_proposal (iph2=<value optimized out>, spidx=
        {dir = 2 '\002', src = {ss_family = 2, __ss_align = 151239991,
__ss_padding = '\0' <repeats 119 times>}, dst = {ss_family = 2, __ss_align =
151240405, __ss_padding = '\0' <repeats 119 times>}, prefs = 32 ' ', prefd = 32
' ', ul_proto = 255, priority = 0, sec_ctx = {ctx_doi = 1 '\001', ctx_alg = 1
'\001', ctx_strlen = 10752, ctx_str =
"ealuser_u:sysadm_r:ping_t:s0-s15:c0.c1023\000\000\000\000\000\000\000\000"}})
at security.c:170
#3  0x10013fb0 in quick_r1recv (iph2=0x1008b530, msg0=0x1008b9f8)
    at isakmp_quick.c:2133
#4  0x22000482 in ?? ()
#5  0x10009140 in isakmp_ph2begin_r (iph1=0x1008a178, msg=0x1008b9f8)
    at isakmp.c:1298
in isakmp_main (msg=0x1008b9f8, remote=0xfd44e73c,
    local=0xfd44e7bc) at isakmp.c:652
#7  0x1000a9ac in isakmp_handler (so_isakmp=<value optimized out>)
    at isakmp.c:359
#8  0x10004c3c in session () at session.c:211
#9  0x100044ac in main (ac=4, av=<value optimized out>) at main.c:247
(gdb)

Comment 1 Joy Latten 2007-03-15 20:12:10 UTC
I have fixed this. Will send fix shortly.

Comment 4 Joy Latten 2007-03-19 23:39:10 UTC
Created attachment 150444 [details]
Patch to fix racoon segfault between 32bit and 64bit machines.

Patch to fix racoon segfault.

Comment 5 Joy Latten 2007-03-19 23:41:28 UTC
Eric, let me know if you would prefer inline text rather than the attachment.

Comment 9 Harald Hoyer 2007-03-21 09:33:14 UTC
test rpms with the patch:
http://people.redhat.com/harald/downloads/ipsec-tools/ipsec-tools-0.6.5-6.2.el5

Comment 10 Steve Grubb 2007-03-30 18:33:10 UTC
Joy, does this one re-test ok? Thanks.

Comment 11 Joy Latten 2007-04-02 17:12:35 UTC
This tested successfully between a ppc with 32-bit ipsec-tools-0.6.5-6.2.el5
and a 64-bit ipsec-tools-0.6.5-6.2.el5 on an x86_64, both having 72 kernel.



Note You need to log in before you can comment on or make changes to this bug.