Hi Martin, Thanks. I will test the patch but I am not sure whether it can solve the issue. Because in tls.c, while building records, the value of type should be set to 0 in every invocation in the while loop which is not happening. If type is not reset to 0, it will retain its previous value, and will cause erroneous (*type == ) to be true later leading to failed negotiation. ppc64 being a stricter architecture caught this whereas x86/64 did not.
Anyway, I will test your patch and let you know. Thanks Avesh On Thu, Jan 8, 2015 at 5:19 AM, Martin Willi <[email protected]> wrote: > Hi Avesh, > > > It turns out that unintialization of record type in the while loop during > > building of TLS records in tls.c is wreaking havoc on ppc64. I have come > up > > with a preliminary patch for upstream review > > Thanks for your in-depth analysis and your patch. There is definitely a > bug while building those records. > > I've tried to address this in a slightly different way. The upper layers > return NEED_MORE if any record has been created. So we actually should > check for that return type before querying the type output parameter. > > Please try the attached patch; I don't have a PPC64 architecture at > hand, so your feedback is much appreciated. > > Regards > Martin > > >
_______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
