On Fri, 22 Jun 2018, D. Hugh Redelmeier wrote:

File descriptor leaks should result in whack commands that don't
terminate.  Since I'm unaware of complaints of this nature, it seems
likely that the leaks are on rarely executed paths.  Or maybe I just don't
hear the complaints.

Use-after-free would be observable in two different ways:

- the whack command being released too soon

- logging from one whack command being translated to another command.  Or
 worse: appearing on a completely unrelated file or socket.

You broke it. See for example ikev1-hostpair-01:

"westnet-eastnet-ipv4-psk-ikev1" #1: STATE_XAUTH_I1: 60 second timeout exceeded after 7 retransmits.  No response (or no acceptable response) to our IKEv1 message
"westnet-eastnet-ipv4-psk-ikev1" #1: starting keying attempt 2 of an unlimited number, but releasing whack
"westnet-eastnet-ipv4-psk-ikev1" #2: initiating Main Mode to replace #1
"westnet-eastnet-ipv4-psk-ikev1" #1: deleting state (STATE_XAUTH_I1) and sending notification
"westnet-eastnet-ipv4-psk-ikev1" #2: STATE_MAIN_I2: sent MI2, expecting MR2
"westnet-eastnet-ipv4-psk-ikev1" #2: STATE_MAIN_I3: sent MI3, expecting MR3
"westnet-eastnet-ipv4-psk-ikev1" #2: Peer ID is ID_FQDN: '@east'
"westnet-eastnet-ipv4-psk-ikev1" #2: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=aes_256 integ=sha2_256 group=MODP2048}
"westnet-eastnet-ipv4-psk-ikev1" #2: XAUTH username requested, but no file descriptor available for prompt
"westnet-eastnet-ipv4-psk-ikev1" #2: sending encrypted notification CERTIFICATE_UNAVAILABLE to 192.1.2.23:4500
"westnet-eastnet-ipv4-psk-ikev1" #2: XAUTH username requested, but no file descriptor available for prompt
"westnet-eastnet-ipv4-psk-ikev1" #2: sending encrypted notification CERTIFICATE_UNAVAILABLE to 192.1.2.23:4500
"westnet-eastnet-ipv4-psk-ikev1" #2: XAUTH username requested, but no file descriptor available for prompt
"westnet-eastnet-ipv4-psk-ikev1" #2: sending encrypted notification CERTIFICATE_UNAVAILABLE to 192.1.2.23:4500
[...]

Paul
_______________________________________________
Swan-dev mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-dev
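The following is an added example, not code from libreswan or from either poster, that models in C the two failure modes Hugh describes: a leaked reference on the client's control socket keeps it open so the client never sees EOF (the "whack command that doesn't terminate"), and a reference released too early lets a later log line go out through a descriptor number that an unrelated socket has since reused. The reference-counted handle (whack_fd, whack_ref, whack_release), the socketpair standing in for the whack socket, and the function names are all assumptions made for the illustration, not libreswan's actual whack implementation.

```c
/* Added example, hypothetical model of a daemon holding a client's control
 * socket via a reference-counted handle. Not libreswan code. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Reference-counted handle on the client's socket (assumed design). */
struct whack_fd { int fd; int refs; };

static struct whack_fd *whack_open(int fd) {
	struct whack_fd *w = calloc(1, sizeof(*w));
	if (w == NULL) abort();
	w->fd = fd;
	w->refs = 1;
	return w;
}

static struct whack_fd *whack_ref(struct whack_fd *w) { w->refs++; return w; }

/* Drop one reference; the socket is closed only when the last one goes. */
static void whack_release(struct whack_fd **wp) {
	struct whack_fd *w = *wp;
	*wp = NULL;
	if (w != NULL && --w->refs == 0) {
		close(w->fd);
		free(w);
	}
}

/* A daemon log line addressed to the client. */
static void whack_log(int fd, const char *msg) { (void)write(fd, msg, strlen(msg)); }

/* What the client sees once the daemon believes it is done: drain pending
 * output, then 1 on EOF (command terminates) or 0 if the socket is still
 * open (the command would hang); -1 on an unexpected error. */
static int client_observes_eof(int client_fd) {
	char buf[64];
	fcntl(client_fd, F_SETFL, fcntl(client_fd, F_GETFL) | O_NONBLOCK);
	for (;;) {
		ssize_t n = read(client_fd, buf, sizeof(buf));
		if (n == 0) return 1;
		if (n < 0) return (errno == EAGAIN || errno == EWOULDBLOCK) ? 0 : -1;
	}
}

/* Bug 1, a leaked reference. The handler attaches the client to a state
 * (taking a reference) and finishes. With leak == 0 the state releases its
 * reference too; with leak == 1 that release is forgotten, as on a rarely
 * executed path. Returns what the client then observes (see above). */
static int run_command(int leak) {
	int sv[2];
	if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -1;
	struct whack_fd *cmd = whack_open(sv[0]);      /* daemon end */
	struct whack_fd *state_ref = whack_ref(cmd);   /* held by a state */
	whack_log(cmd->fd, "initiating Main Mode\n");
	whack_release(&cmd);                           /* handler is done */
	if (!leak) whack_release(&state_ref);          /* state is done too */
	int eof = client_observes_eof(sv[1]);
	whack_release(&state_ref);  /* the release that was missing on the leak path */
	close(sv[1]);
	return eof;
}

/* Bug 2, a reference dropped too early. Some object cached the raw descriptor
 * number; after the last release closes the socket, the next socketpair()
 * reuses that number, so a log line meant for the client is delivered to an
 * unrelated socket. Returns 1 if the stray line was seen there. */
static int log_after_release_lands_elsewhere(void) {
	int client[2], other[2];
	if (socketpair(AF_UNIX, SOCK_STREAM, 0, client) < 0) return -1;
	struct whack_fd *cmd = whack_open(client[0]);
	int stale = cmd->fd;                           /* raw number kept elsewhere */
	whack_release(&cmd);                           /* released too soon */
	if (socketpair(AF_UNIX, SOCK_STREAM, 0, other) < 0) return -1;
	whack_log(stale, "XAUTH username requested\n"); /* meant for the client */
	char buf[64] = {0};
	ssize_t n = recv(other[1], buf, sizeof(buf) - 1, MSG_DONTWAIT);
	int hit = (other[0] == stale) && n > 0 && strstr(buf, "XAUTH") != NULL;
	close(other[0]);
	close(other[1]);
	close(client[1]);
	return hit;
}

int main(void) {
	printf("correct path:  client sees EOF = %d\n", run_command(0));
	printf("leaked ref:    client sees EOF = %d\n", run_command(1));
	printf("early release: log on unrelated socket = %d\n",
	       log_after_release_lands_elsewhere());
	return 0;
}
```

The descriptor reuse in the second case is deterministic because socketpair() hands out the lowest free numbers, which is exactly why a stale number is so dangerous: the misdirected write succeeds silently rather than failing with EBADF.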
