My bad. Can you try the attached which I'll call fix #1. It eliminates a continue that would cause code setting STTTTTTTTTTTTTTTTT=NULL to be skipped (as you can tell by the duplicate T's I'm running F26 with a kvm in the background :-). Fix #2, is to be robust against continue; and fix #3 is to be rid of code relying on this macro quirk.
On 19 October 2017 at 08:16, Tuomo Soini <t...@foobar.fi> wrote: > > git bisect start > # bad: [2baaa653a9961acda26f8b38e780db4acbab774a] testing: cleanup > xauth-pluto-26 to avoid race on ipsec stop git bisect bad > 2baaa653a9961acda26f8b38e780db4acbab774a # good: > [961c67d31dcbbef9846df63a13674409acfc6c2c] testing: for > kvm-install-hive build into $(KVM_OBJDIR) git bisect good > 961c67d31dcbbef9846df63a13674409acfc6c2c # bad: > [1ce066c9f60c7a50b3f8f39870eb7eead19d2c2d] Merge branch 'master' of > vault.libreswan.org:/srv/src/libreswan git bisect bad > 1ce066c9f60c7a50b3f8f39870eb7eead19d2c2d # bad: > [23ac09a67dea13c7ce12e67f62ee8db5960e6244] state: change struct > state_entry into a true double linked list git bisect bad > 23ac09a67dea13c7ce12e67f62ee8db5960e6244 # good: > [38f8c2f811761583ec5b5398f22bbff9964fb46a] state: when re-hashing a > state, only re-hash the cookies git bisect good > 38f8c2f811761583ec5b5398f22bbff9964fb46a # first bad commit: > [23ac09a67dea13c7ce12e67f62ee8db5960e6244] state: change struct > state_entry into a true double linked list > > This hits on ikev1.c line 1515: > > passert(STATE_IKE_FLOOR <= from_state && from_state <= > STATE_IKEv1_ROOF); > > But even with last stable version I can't get that ikev1 connection > working at all, logged problem is: > > #345: byte 2 of ISAKMP Hash Payload should have been zero, but was not > (ignored) > #345: length of ISAKMP Hash Payload is larger than can fit > > This exact tunnel hasn't been working after 3.21 release, so it was > broken between 3.21 and 5290022. > > -- > Tuomo Soini <t...@foobar.fi> > Foobar Linux services > +358 40 5240030 > Foobar Oy <https://foobar.fi/> > _______________________________________________ > Swan-dev mailing list > Swan-dev@lists.libreswan.org > https://lists.libreswan.org/mailman/listinfo/swan-dev >
diff --git a/programs/pluto/state.c b/programs/pluto/state.c index ba5d75b09..43fa9fa3a 100644 --- a/programs/pluto/state.c +++ b/programs/pluto/state.c @@ -421,13 +421,16 @@ static char *humanize_number(uint64_t num, /* * Iterate over all entries with matching cookies. + * + * Beware of using continue here, it may skip unintended code burried + * in FOR_EACH_ENTRY_WITH_COOKIE. */ #define FOR_EACH_ENTRY_WITH_COOKIE(ST, ICOOKIE, RCOOKIE, CODE) \ FOR_EACH_STATE_ENTRY(ST, cookies_chain(ICOOKIE, RCOOKIE), { \ - if (!memeq(ICOOKIE, ST->st_icookie, COOKIE_SIZE) || \ - !memeq(RCOOKIE, ST->st_rcookie, COOKIE_SIZE)) \ - continue; \ - CODE \ + if (memeq(ICOOKIE, ST->st_icookie, COOKIE_SIZE) && \ + memeq(RCOOKIE, ST->st_rcookie, COOKIE_SIZE)) { \ + CODE; \ + } \ }) \ /*
_______________________________________________ Swan-dev mailing list Swan-dev@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan-dev