My bad.
Can you try the attached which I'll call fix #1. It eliminates a continue
that would cause code setting STTTTTTTTTTTTTTTTT=NULL to be skipped (as you
can tell by the duplicate T's I'm running F26 with a kvm in the background
:-).
Fix #2, is to be robust against continue; and fix #3 is to be rid of code
relying on this macro quirk.
On 19 October 2017 at 08:16, Tuomo Soini <t...@foobar.fi> wrote:
>
> git bisect start
> # bad: [2baaa653a9961acda26f8b38e780db4acbab774a] testing: cleanup
> xauth-pluto-26 to avoid race on ipsec stop git bisect bad
> 2baaa653a9961acda26f8b38e780db4acbab774a # good:
> [961c67d31dcbbef9846df63a13674409acfc6c2c] testing: for
> kvm-install-hive build into $(KVM_OBJDIR) git bisect good
> 961c67d31dcbbef9846df63a13674409acfc6c2c # bad:
> [1ce066c9f60c7a50b3f8f39870eb7eead19d2c2d] Merge branch 'master' of
> vault.libreswan.org:/srv/src/libreswan git bisect bad
> 1ce066c9f60c7a50b3f8f39870eb7eead19d2c2d # bad:
> [23ac09a67dea13c7ce12e67f62ee8db5960e6244] state: change struct
> state_entry into a true double linked list git bisect bad
> 23ac09a67dea13c7ce12e67f62ee8db5960e6244 # good:
> [38f8c2f811761583ec5b5398f22bbff9964fb46a] state: when re-hashing a
> state, only re-hash the cookies git bisect good
> 38f8c2f811761583ec5b5398f22bbff9964fb46a # first bad commit:
> [23ac09a67dea13c7ce12e67f62ee8db5960e6244] state: change struct
> state_entry into a true double linked list
>
> This hits on ikev1.c line 1515:
>
> passert(STATE_IKE_FLOOR <= from_state && from_state <=
> STATE_IKEv1_ROOF);
>
> But even with last stable version I can't get that ikev1 connection
> working at all, logged problem is:
>
> #345: byte 2 of ISAKMP Hash Payload should have been zero, but was not
> (ignored)
> #345: length of ISAKMP Hash Payload is larger than can fit
>
> This exact tunnel hasn't been working after 3.21 release, so it was
> broken between 3.21 and 5290022.
>
> --
> Tuomo Soini <t...@foobar.fi>
> Foobar Linux services
> +358 40 5240030
> Foobar Oy <https://foobar.fi/>
> _______________________________________________
> Swan-dev mailing list
> Swan-dev@lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan-dev
>
diff --git a/programs/pluto/state.c b/programs/pluto/state.c
index ba5d75b09..43fa9fa3a 100644
--- a/programs/pluto/state.c
+++ b/programs/pluto/state.c
@@ -421,13 +421,16 @@ static char *humanize_number(uint64_t num,
/*
* Iterate over all entries with matching cookies.
+ *
+ * Beware of using continue here, it may skip unintended code burried
+ * in FOR_EACH_ENTRY_WITH_COOKIE.
*/
#define FOR_EACH_ENTRY_WITH_COOKIE(ST, ICOOKIE, RCOOKIE, CODE) \
FOR_EACH_STATE_ENTRY(ST, cookies_chain(ICOOKIE, RCOOKIE), { \
- if (!memeq(ICOOKIE, ST->st_icookie, COOKIE_SIZE) || \
- !memeq(RCOOKIE, ST->st_rcookie, COOKIE_SIZE)) \
- continue; \
- CODE \
+ if (memeq(ICOOKIE, ST->st_icookie, COOKIE_SIZE) && \
+ memeq(RCOOKIE, ST->st_rcookie, COOKIE_SIZE)) { \
+ CODE; \
+ } \
}) \
/*
_______________________________________________
Swan-dev mailing list
Swan-dev@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan-dev
