Public bug reported:

A bug in keepalived 1.2.7 causes VRRP peers to ignore each other's VRRP
packets leading to a "multi-master" situation. The logs show the
following:

Aug 13 11:30:53 lb04 Keepalived_vrrp[22093]: bogus VRRP packet received on eth0 !!!
Aug 13 11:30:53 lb04 Keepalived_vrrp[22093]: VRRP_Instance(PRIV) ignoring received advertisment...
Aug 13 11:30:54 lb04 Keepalived_vrrp[22093]: receive an invalid ip number count associated with VRID!
Aug 13 11:30:54 lb04 Keepalived_vrrp[22093]: bogus VRRP packet received on eth0 !!!
Aug 13 11:30:54 lb04 Keepalived_vrrp[22093]: VRRP_Instance(PRIV) ignoring received advertisment...
Aug 13 11:30:55 lb04 Keepalived_vrrp[22093]: receive an invalid ip number count associated with VRID!


From 1.2.8 changelog:

        * Ryan O'Hara fixed pointer arithmetic for VRRP packet.
          When using IPSEC AH authentication, the pointer arithmetic used
          to get the location of the VRRP packet is incorrect. The address
          of the IPSEC header must be cast as (char *) in order to get
          correct address of the VRRP packet. Without this patch,
          vrrp_in_chk() will fail to verify incoming VRRP packets when
          IPSEC AH is enabled.

Please either update the package or backport the fix. The fix involves
updating a single line in vrrp.c:

--- keepalived-1.2.7/keepalived/vrrp/vrrp.c.orig        2012-08-16 
16:21:28.000000000 -0700
+++ keepalived-1.2.7/keepalived/vrrp/vrrp.c     2014-08-13 13:09:48.289648524 
-0700
@@ -238,7 +238,7 @@
 
                if (vrrp->auth_type == VRRP_AUTH_AH) {
                        ah = (ipsec_ah *) (buffer + ihl);
-                       hd = (vrrp_pkt *) (ah + vrrp_ipsecah_len());
+                       hd = (vrrp_pkt *) ((char *) ah + vrrp_ipsecah_len());
                } else {
                        hd = (vrrp_pkt *) (buffer + ihl);
                }
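
Review bot: the corrected `hd =` line in the AH branch depends on a `(char *)` cast that nothing in the code explains, so a later cleanup could drop it and bring the bug back; add a short comment there, or derive the address from `buffer` as the else branch does, e.g. `hd = (vrrp_pkt *) (buffer + ihl + vrrp_ipsecah_len());`, if `buffer` is a byte pointer as that branch implies. The visible context also shows no check that `ihl` plus the AH length stays within the received data before `hd` is used; if the caller does not already guarantee that, it belongs next to this assignment.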

Attached is a patch (keepalived_debian_ah.patch) to be applied to the
debian directory; it patches the series file and puts the above patch in
place.

OS:    Ubuntu 14.04 LTS
Package: keepalived 1:1.2.7-1ubuntu1

** Affects: keepalived (Ubuntu)
     Importance: Undecided
         Status: New

** Patch added: "keepalived_debian_ah.patch"
   
https://bugs.launchpad.net/bugs/1356575/+attachment/4176871/+files/keepalived_debian_ah.patch
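
The pointer scaling the changelog entry describes, as an added example that is not part of the original report and not keepalived's code: it computes where the VRRP header is looked for with the 1.2.7 expression and with the 1.2.8 one. The struct layouts, `ah_len()`, `rxbuf` and the sample datagram are assumptions constructed for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Constructed stand-ins: layouts are assumptions, not keepalived's own headers. */
typedef struct {
    uint8_t  next_header, payload_len;
    uint16_t reserved;
    uint32_t spi, seq_number;
    uint8_t  auth_data[12];                 /* 96-bit ICV */
} ipsec_ah;                                 /* 24 bytes */
typedef struct {
    uint8_t  vers_type, vrid, priority, naddr, auth_type, adver_int;
    uint16_t chksum;
} vrrp_pkt;                                 /* 8 bytes */
enum { IHL = 20, PKT_LEN = IHL + 24 + 8, BUF_CAP = 1024 };
static _Alignas(8) char rxbuf[BUF_CAP];     /* oversized so both pointers stay in bounds */
/* Assumption: the AH length helper returns a size in bytes. */
static size_t ah_len(void) { return sizeof(ipsec_ah); }
/* 1.2.7 form: ah is ipsec_ah *, so "+ n" advances n * sizeof(ipsec_ah) bytes. */
size_t vrrp_offset_buggy(char *buffer, size_t ihl) {
    ipsec_ah *ah = (ipsec_ah *) (buffer + ihl);
    return (size_t) ((char *) (ah + ah_len()) - buffer);
}
/* 1.2.8 form: cast to char * first, so "+ n" advances n bytes. */
size_t vrrp_offset_fixed(char *buffer, size_t ihl) {
    ipsec_ah *ah = (ipsec_ah *) (buffer + ihl);
    return (size_t) (((char *) ah + ah_len()) - buffer);
}
/* Constructed datagram: 20-byte IP header, AH, then a VRRP header with one address. */
char *build_datagram(void) {
    vrrp_pkt v = { .vers_type = 0x21, .vrid = 51, .priority = 100,
                   .naddr = 1, .auth_type = 2, .adver_int = 1 };
    memset(rxbuf, 0, sizeof rxbuf);
    memcpy(rxbuf + IHL + sizeof(ipsec_ah), &v, sizeof v);
    return rxbuf;
}
/* Address count read at a candidate offset, or -1 if it lies past the received bytes. */
int naddr_at(const char *buffer, size_t pkt_len, size_t off) {
    vrrp_pkt v;
    if (off > pkt_len || sizeof v > pkt_len - off) return -1;
    memcpy(&v, buffer + off, sizeof v);
    return v.naddr;
}
int main(void) {
    char *d = build_datagram();
    size_t bad = vrrp_offset_buggy(d, IHL), good = vrrp_offset_fixed(d, IHL);
    printf("1.2.7 offset %zu -> naddr %d\n", bad, naddr_at(d, PKT_LEN, bad));
    printf("1.2.8 offset %zu -> naddr %d\n", good, naddr_at(d, PKT_LEN, good));
    return 0;
}
```

With these constructed sizes the 1.2.7 expression lands 576 bytes past the AH header instead of 24, beyond the end of the 52-byte datagram, so whatever is parsed there is not the advertisement the peer sent.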

https://bugs.launchpad.net/bugs/1356575

Title:
  VRRP AH auth_type broken in 1.2.7

Status in “keepalived” package in Ubuntu:
  New

