On Tue, Nov 25, 2014 at 13:11 +0100, Vincent Gross wrote:
> Hi tech@,
>
> I've been using iked for some weeks to tunnel my laptop to home over 3G.
> Sunday I upgraded my laptop to the latest snapshot; previous upgrade was
> about 2 or 3 weeks ago. When I started iked, it crashed randomly, as in
> one time it runs just fine and completes the handshake, the other it
> crashes before even sending the first packet.
>
> I ran "ktrace -di /sbin/iked" and kdump'd the resulting file. Of the 5
> processes, 4 finished by calling exit(0), one was terminated on a
> SIGSEGV. As it is also the only one that do stuff on /var/run/iked.sock,
> it is the control process. I repeated the above ktrace 4 times and got
> consistent results: SIGSEGV'd control process.
>
> I'll keep the hunt going, but I am not sure how long this will take nor
> how much time I'll have to spare, so here is the control process kdump.
>
> Cheers,
>
> --
> Vincent
>
seƱior pedro@ was kind enough to send a potential fix for this.
this will be commited soon.
diff --git sbin/iked/ca.c sbin/iked/ca.c
index e43b58b..a008f99 100644
--- sbin/iked/ca.c
+++ sbin/iked/ca.c
@@ -534,7 +534,7 @@ ca_reload(struct iked *env)
X509_OBJECT *xo;
X509 *x509;
DIR *dir;
- int i, len, iovcnt = 2;
+ int i, len, iovcnt = 0;
/*
* Load CAs
@@ -620,8 +620,10 @@ ca_reload(struct iked *env)
env->sc_certreqtype = IKEV2_CERT_X509_CERT;
iov[0].iov_base = &env->sc_certreqtype;
iov[0].iov_len = sizeof(env->sc_certreqtype);
+ iovcnt++;
iov[1].iov_base = ibuf_data(env->sc_certreq);
iov[1].iov_len = ibuf_length(env->sc_certreq);
+ iovcnt++;
log_debug("%s: loaded %zu ca certificate%s", __func__,
ibuf_length(env->sc_certreq) / SHA_DIGEST_LENGTH,
@@ -677,6 +679,8 @@ ca_reload(struct iked *env)
iov[0].iov_base = &env->sc_certreqtype;
iov[0].iov_len = sizeof(env->sc_certreqtype);
+ if (iovcnt == 0)
+ iovcnt++;
(void)proc_composev_imsg(&env->sc_ps, PROC_IKEV2, -1,
IMSG_CERTREQ, -1, iov, iovcnt);
