NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
bin/42363: racoon uses a wrong IPsec-SA that is for different peer
>Number: 42363
>Category: bin
>Synopsis: racoon uses a wrong IPsec-SA that is for different peer
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sun Nov 22 18:25:00 +0000 2009
>Originator: yasuoka%iij.ad.jp@localhost
>Release: NetBSD 5.0.1
>Organization:
Internet Initiative Japan Inc.
>Environment:
System: NetBSD yasuoka-nb.iij.ad.jp 5.0.1 NetBSD 5.0.1 (GENERIC) #0: Thu Jul 30
01:39:11 UTC 2009
builds%b8.netbsd.org@localhost:/home/builds/ab/netbsd-5-0-1-RELEASE/i386/200907292356Z-obj/home/builds/ab/netbsd-5-0-1-RELEASE/src/sys/arch/i386/compile/GENERIC
i386
Architecture: i386
Machine: i386
>Description:
racoon uses a wrong IPsec-SA handle that is for other peer in case it
receives a ISAKMP message for IPsec-SA that has the same message-id as
the message-id that is received before.
racoon uses message-id to find the handle of IPsec-SA. The message-id
is a unique number for each peer, but different peers may use the same
value.
Different Windows Vista or Windows 7 peers seem to use the same
message-id. racoon can handle the first Windows's Phase-2, but it
cannot handle the second Windows. Because racoon misunderstands the
message for the second Windows as the message for the first Windows.
>How-To-Repeat:
>Fix:
Index: handler.c
===================================================================
RCS file: /cvsroot/NetBSD/src/crypto/dist/ipsec-tools/src/racoon/handler.c,v
retrieving revision 1.30
diff -u -p -r1.30 handler.c
--- handler.c 3 Sep 2009 09:29:07 -0000 1.30
+++ handler.c 22 Nov 2009 16:57:16 -0000
@@ -573,7 +573,7 @@ getph2bymsgid(iph1, msgid)
{
struct ph2handle *p;
- LIST_FOREACH(p, &ph2tree, chain) {
+ LIST_FOREACH(p, &iph1->ph2tree, chain) {
if (p->msgid == msgid && p->ph1 == iph1)
return p;
}
Home |
Main Index |
Thread Index |
Old Index