[Bug 374185] [NEW] racoon crashes when racoon.conf contains sainfo section for ipv6

Fredrik Ljunggren fredrik at kirei.se
Sat May 9 18:19:05 BST 2009 

Public bug reported:

Binary package hint: ipsec-tools

It seems I am the only one on this planet using ipv6. Since ipsec-tools
0.7, when configuring v6 addresses in sainfo section of racoon.conf,
racoon crashes:

$ sudo racoon -F
Foreground mode.
2009-05-09 19:14:34: INFO: @(#)ipsec-tools 0.7 (http://ipsec-tools.sourceforge.net)
2009-05-09 19:14:34: INFO: @(#)This product linked OpenSSL 0.9.8g 19 Oct 2007 (http://www.openssl.org/)
2009-05-09 19:14:34: INFO: Reading configuration from "/etc/racoon/racoon.conf"
2009-05-09 19:14:36: INFO: Resize address pool from 0 to 255
*** stack smashing detected ***: racoon terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7c63138]
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x0)[0xb7c630f0]
racoon[0x8073079]
racoon[0x808ac74]
racoon[0x808b015]
racoon[0x8091d8b]
racoon[0x80943e8]
racoon[0x804cfcd]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe0)[0xb7b8c450]
racoon[0x804cb71]
======= Memory map: ========
08048000-080bb000 r-xp 00000000 08:01 84214      /usr/sbin/racoon
080bb000-080bc000 rw-p 00072000 08:01 84214      /usr/sbin/racoon
080bc000-080e3000 rw-p 080bc000 00:00 0          [heap]
..

Now, this happens without even communicating with the far end.

To reproduce, take for example this rather minimal racoon.conf:

---- 8< ----

remote ::2 {
  exchange_mode main;
  proposal {
    encryption_algorithm aes;
    hash_algorithm sha1;
    authentication_method pre_shared_key;
    dh_group 2;
  }
}

sainfo address ::1 any address ::2 any
{
       encryption_algorithm aes;
       authentication_algorithm hmac_sha1;
       compression_algorithm deflate;
}

sainfo address ::2 any address ::1 any
{
       encryption_algorithm aes;
       authentication_algorithm hmac_sha1;
       compression_algorithm deflate;
}

---- 8< ----

and start racoon in the forground - it will crash instantly.


Source package: ipsec-tools_0.7-2.1ubuntu1 (9.04)

** Affects: ipsec-tools (Ubuntu)
     Importance: Undecided
         Status: New

-- 
racoon crashes when racoon.conf contains sainfo section for ipv6
https://bugs.launchpad.net/bugs/374185
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ipsec-tools in ubuntu.

More information about the Ubuntu-server-bugs mailing list