NetBSD Problem Report #42363

From yasuoka@iij.ad.jp  Sun Nov 22 18:23:20 2009
Return-Path: <yasuoka@iij.ad.jp>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
	by www.NetBSD.org (Postfix) with ESMTP id BEDE263C489
	for <gnats-bugs@gnats.NetBSD.org>; Sun, 22 Nov 2009 18:23:20 +0000 (UTC)
Message-Id: <20091123.032312.205781442.yasuoka@iij.ad.jp>
Date: Mon, 23 Nov 2009 03:23:12 +0900 (JST)
From: Yasuoka Masahiko <yasuoka@iij.ad.jp>
To: gnats-bugs@gnats.NetBSD.org
Subject: racoon uses a wrong IPsec-SA that is for different peer

>Number:         42363
>Category:       bin
>Synopsis:       racoon uses a wrong IPsec-SA that is for different peer
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Nov 22 18:25:00 +0000 2009
>Closed-Date:    Thu Mar 11 15:50:21 +0000 2010
>Last-Modified:  Sun Mar 28 16:40:02 +0000 2010
>Originator:     yasuoka@iij.ad.jp
>Release:        NetBSD 5.0.1
>Organization:
Internet Initiative Japan Inc.
>Environment:
System: NetBSD yasuoka-nb.iij.ad.jp 5.0.1 NetBSD 5.0.1 (GENERIC) #0: Thu Jul 30 01:39:11 UTC 2009 builds@b8.netbsd.org:/home/builds/ab/netbsd-5-0-1-RELEASE/i386/200907292356Z-obj/home/builds/ab/netbsd-5-0-1-RELEASE/src/sys/arch/i386/compile/GENERIC i386
Architecture: i386
Machine: i386
>Description:

racoon uses a wrong IPsec-SA handle that is for another peer when it
receives an ISAKMP message for an IPsec-SA that has the same message-id
as a message-id that was received before.

racoon uses message-id to find the handle of IPsec-SA.  The message-id
is a unique number for each peer, but different peers may use the same
value.

Different Windows Vista or Windows 7 peers seem to use the same
message-id.  racoon can handle the first Windows's Phase-2, but it
cannot handle the second Windows, because racoon misunderstands the
message for the second Windows as the message for the first Windows.

>How-To-Repeat:
>Fix:
Index: handler.c
===================================================================
RCS file: /cvsroot/NetBSD/src/crypto/dist/ipsec-tools/src/racoon/handler.c,v
retrieving revision 1.30
diff -u -p -r1.30 handler.c
--- handler.c	3 Sep 2009 09:29:07 -0000	1.30
+++ handler.c	22 Nov 2009 16:57:16 -0000
@@ -573,7 +573,7 @@ getph2bymsgid(iph1, msgid)
 {
 	struct ph2handle *p;

-	LIST_FOREACH(p, &ph2tree, chain) {
+	LIST_FOREACH(p, &iph1->ph2tree, chain) {
 		if (p->msgid == msgid && p->ph1 == iph1)
 			return p;
 	}
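Review bot: In the `LIST_FOREACH` line the list head changes to `&iph1->ph2tree` but the link field stays `chain`, so the head and the link field no longer name the same list. The follow-up mail in this report describes `chain` as the entry that iterates all ph2handle and `ph1bind` as the entry for the handles bound to a given ph1handle; the walk should read `LIST_FOREACH(p, &iph1->ph2tree, ph1bind)`. The removed line already sat under the `p->ph1 == iph1` test, so the commit message should say which revision showed the wrong-peer match.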

>Release-Note:

>Audit-Trail:
From: Yasuoka Masahiko <yasuoka@iij.ad.jp>
To: gnats-bugs@NetBSD.org, gnats-admin@netbsd.org
Cc: 
Subject: Re: bin/42363: racoon uses a wrong IPsec-SA that is for different
 peer
Date: Mon, 23 Nov 2009 03:44:25 +0900 (JST)

 Sorry. The bug I reported has been fixed at revision 1.27 of handler.c.

 On Sun, 22 Nov 2009 18:25:00 +0000 (UTC)
 gnats-admin@netbsd.org wrote:
 > Thank you very much for your problem report.
 > It has the internal identification `bin/42363'.
 > The individual assigned to look at your
 > report is: bin-bug-people. 
 > 
 >>Category:       bin
 >>Responsible:    bin-bug-people
 >>Synopsis:       racoon uses a wrong IPsec-SA that is for different peer
 >>Arrival-Date:   Sun Nov 22 18:25:00 +0000 2009
 > 

From: Christos Zoulas <christos@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/42363 CVS commit: src/crypto/dist/ipsec-tools/src/racoon
Date: Sun, 22 Nov 2009 14:34:56 -0500

 Module Name:	src
 Committed By:	christos
 Date:		Sun Nov 22 19:34:56 UTC 2009

 Modified Files:
 	src/crypto/dist/ipsec-tools/src/racoon: handler.c

 Log Message:
 PR/42363: Yasuoka Masahiko:

 racoon uses a wrong IPsec-SA handle that is for another peer when it
 receives an ISAKMP message for an IPsec-SA that has the same message-id
 as a message-id that was received before.

 racoon uses message-id to find the handle of IPsec-SA.  The message-id
 is a unique number for each peer, but different peers may use the same
 value.

 Different Windows Vista or Windows 7 peers seem to use the same
 message-id.  racoon can handle the first Windows's Phase-2, but it
 cannot handle the second Windows, because racoon misunderstands the
 message for the second Windows as the message for the first Windows.

 >Category:       bin
 >Synopsis:       racoon uses a wrong IPsec-SA that is for different peer
 >Confidential:   no
 >Severity:       serious
 >Priority:       medium
 >Responsible:    bin-bug-people
 >State:          open
 >Class:          sw-bug
 >Submitter-Id:   net
 >Arrival-Date:   Sun Nov 22 18:25:00 +0000 2009
 >Originator:     yasuoka@iij.ad.jp


 To generate a diff of this commit:
 cvs rdiff -u -r1.30 -r1.31 src/crypto/dist/ipsec-tools/src/racoon/handler.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->closed
State-Changed-By: christos@NetBSD.org
State-Changed-When: Sun, 22 Nov 2009 14:35:50 -0500
State-Changed-Why:
fixed, thanks


From: David Holland <dholland-bugs@netbsd.org>
To: gnats-bugs@netbsd.org
Cc: 
Subject: Re: bin/42363 (racoon uses a wrong IPsec-SA that is for different
	peer)
Date: Sat, 6 Mar 2010 19:31:51 +0000

 (not sent to gnats)

    ------

 From: YASUOKA Masahiko <yasuoka@iij.ad.jp>
 To: christos@NetBSD.org
 Cc: gnats-admin@netbsd.org
 Subject: Re: bin/42363 (racoon uses a wrong IPsec-SA that is for different
 	peer)
 Date: Sat, 06 Mar 2010 03:17:22 +0900 (JST)

 The patch attached on bin/42363 was wrong.

 struct ph2handle has the following 2 list entries:

   chain    - to iterate all ph2handle
   ph1bind  - to iterate ph2handle that are bound by given ph1handle.

 'ph1bind' should be used for getph2bymsgid() because the function is
 to search for a ph2handle that belongs to the given ph1handle and has
 the same msgid as the given msgid.

 Please apply the following patch:

 Index: handler.c
 ===================================================================
 RCS file: /cvsroot/NetBSD/src/crypto/dist/ipsec-tools/src/racoon/handler.c,v
 retrieving revision 1.31
 diff -u -p -r1.31 handler.c
 --- handler.c   22 Nov 2009 19:34:55 -0000      1.31
 +++ handler.c   5 Mar 2010 18:04:26 -0000
 @@ -573,7 +573,7 @@ getph2bymsgid(iph1, msgid)
  {
         struct ph2handle *p;

 -       LIST_FOREACH(p, &iph1->ph2tree, chain) {
 +       LIST_FOREACH(p, &iph1->ph2tree, ph1bind) {
                 if (p->msgid == msgid && p->ph1 == iph1)
                         return p;
         }
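Review bot: `iph1` is dereferenced in the `LIST_FOREACH` head (`&iph1->ph2tree`) and nothing in the hunk checks it first, so a NULL `iph1` faults before the `p->ph1 == iph1` comparison is reached; either return NULL early for a NULL `iph1` or state in a comment on getph2bymsgid() that callers must pass a valid handle. With the walk now on `ph1bind`, the `p->ph1 == iph1` test is redundant for a consistent list; keep it only as a deliberate sanity check and say so in a comment.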


 --yasuoka

 ----- End forwarded message -----

 -- 
 David A. Holland
 dholland@netbsd.org
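
The two list entries described in the forwarded message, as an added example that is not racoon's source: a reduced model in which two peers pick the same message-id, comparing a lookup keyed on msgid alone with one that walks only the given phase 1 handle's `ph1bind` list. The struct members follow the names on this page; `all_ph2`, `bind_ph2`, `lookup_by_msgid_only`, `lookup_scoped` and `collision_demo` are hypothetical names, and the two peers are constructed sample data.

```c
#include <stddef.h>
#include <stdint.h>
#include <sys/queue.h>
struct ph1handle;
struct ph2handle {
	uint32_t msgid;
	struct ph1handle *ph1;
	LIST_ENTRY(ph2handle) chain;	/* links every ph2handle */
	LIST_ENTRY(ph2handle) ph1bind;	/* links handles bound to one ph1handle */
};
LIST_HEAD(ph2list, ph2handle);
struct ph1handle { struct ph2list ph2tree; };	/* head of the ph1bind list */
static struct ph2list all_ph2;	/* head of the chain list (hypothetical name) */

static void bind_ph2(struct ph1handle *iph1, struct ph2handle *p, uint32_t msgid) {
	p->msgid = msgid; p->ph1 = iph1;
	LIST_INSERT_HEAD(&all_ph2, p, chain);
	LIST_INSERT_HEAD(&iph1->ph2tree, p, ph1bind);
}

/* Keyed on msgid alone: returns whichever peer's handle comes first. */
static struct ph2handle *lookup_by_msgid_only(uint32_t msgid) {
	struct ph2handle *p;
	LIST_FOREACH(p, &all_ph2, chain)
		if (p->msgid == msgid) return p;
	return NULL;
}

/* Scoped to one phase 1 handle: walks only that peer's ph1bind list. */
static struct ph2handle *lookup_scoped(struct ph1handle *iph1, uint32_t msgid) {
	struct ph2handle *p;
	if (iph1 == NULL) return NULL;
	LIST_FOREACH(p, &iph1->ph2tree, ph1bind)
		if (p->msgid == msgid) return p;
	return NULL;
}

/* Constructed case, both peers use msgid 0x1. Bit 0: unscoped lookup gives A a foreign handle. Bit 1: scoped lookups stay apart. */
static int collision_demo(void) {
	static struct ph1handle a, b;
	static struct ph2handle sa_a, sa_b;
	LIST_INIT(&all_ph2); LIST_INIT(&a.ph2tree); LIST_INIT(&b.ph2tree);
	bind_ph2(&a, &sa_a, 0x1);
	bind_ph2(&b, &sa_b, 0x1);
	return (lookup_by_msgid_only(0x1)->ph1 != &a ? 1 : 0) |
	    (lookup_scoped(&a, 0x1) == &sa_a && lookup_scoped(&b, 0x1) == &sa_b ? 2 : 0);
}

int main(void) { return collision_demo() == 3 ? 0 : 1; }
```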

State-Changed-From-To: closed->open
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Sat, 06 Mar 2010 19:36:13 +0000
State-Changed-Why:
new patch in the mail


From: Christos Zoulas <christos@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/42363 CVS commit: src/crypto/dist/ipsec-tools/src/racoon
Date: Thu, 11 Mar 2010 10:44:48 -0500

 Module Name:	src
 Committed By:	christos
 Date:		Thu Mar 11 15:44:48 UTC 2010

 Modified Files:
 	src/crypto/dist/ipsec-tools/src/racoon: handler.c

 Log Message:
 PR/42363: Yasuoka Masahiko: Second part of the patch: iterate only on the
 phase2 handles that are bound by the given phase1 handle.


 To generate a diff of this commit:
 cvs rdiff -u -r1.31 -r1.32 src/crypto/dist/ipsec-tools/src/racoon/handler.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->closed
State-Changed-By: christos@NetBSD.org
State-Changed-When: Thu, 11 Mar 2010 10:50:21 -0500
State-Changed-Why:
fixed, thanks


From: Soren Jacobsen <snj@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/42363 CVS commit: [netbsd-5] src/crypto/dist/ipsec-tools/src/racoon
Date: Sun, 28 Mar 2010 16:36:57 +0000

 Module Name:	src
 Committed By:	snj
 Date:		Sun Mar 28 16:36:57 UTC 2010

 Modified Files:
 	src/crypto/dist/ipsec-tools/src/racoon [netbsd-5]: handler.c

 Log Message:
 Pull up following revision(s) (requested by hubertf in ticket #1341):
 	crypto/dist/ipsec-tools/src/racoon/handler.c: revision 1.31, 1.32
 PR/42363: Yasuoka Masahiko:

 racoon uses a wrong IPsec-SA handle that is for another peer when it
 receives an ISAKMP message for an IPsec-SA that has the same message-id
 as a message-id that was received before.

 racoon uses message-id to find the handle of IPsec-SA.  The message-id
 is a unique number for each peer, but different peers may use the same
 value.

 Different Windows Vista or Windows 7 peers seem to use the same
 message-id.  racoon can handle the first Windows's Phase-2, but it
 cannot handle the second Windows, because racoon misunderstands the
 message for the second Windows as the message for the first Windows.
 --
 PR/42363: Yasuoka Masahiko: Second part of the patch: iterate only on the
 phase2 handles that are bound by the given phase1 handle.


 To generate a diff of this commit:
 cvs rdiff -u -r1.21.4.1 -r1.21.4.2 \
     src/crypto/dist/ipsec-tools/src/racoon/handler.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

>Unformatted:
