Site Navigation

Date:      Sat, 25 Mar 2006 03:09:43 GMT
From:      Mats Palmgren <mats.palmgren@bredband.net>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/94921: isakmpd fails on amd64
Message-ID:  <200603250309.k2P39hT3037069@www.freebsd.org>
Resent-Message-ID: <200603250310.k2P3AEed037593@freefall.freebsd.org>

---

next in thread | raw e-mail | index | archive | help

---

>Number:         94921
>Category:       ports
>Synopsis:       isakmpd fails on amd64
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Mar 25 03:10:13 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Mats Palmgren
>Release:        
>Organization:
>Environment:
FreeBSD x 6.1-BETA2 FreeBSD 6.1-BETA2 #0: Thu Feb 16 22:41:50 UTC 2006     root@bloom.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  amd64

>Description:
On amd64:

# ./isakmpd -d -DA=80 2>&1 |grep -A15 KE_NONCE
014147.212770 Negt 80 ike_phase_1_post_exchange_KE_NONCE: g^xy:
014147.212845 Negt 80 3566c7dc adeac30a 7690c318 8a974fea a97f59d4 391c3e51
32dab30e 863ef192
014147.212972 Negt 80 711d7920 2f702636 4312a76b b0ed881e eb9b2cc1 a793145a
a679905f bdd84176
014147.212998 Negt 80 2b980c74 d22b9f12 572554ac 8898036e ebdb1a3c efb056f6
ac3108e1 cc9b0262
014147.213062 Negt 80 ab693ccb b9a0c931 8b741fb3 6d341382 8575647a af929c5a
f09c5d72 759fa5e7
014147.213080 Negt 10 MATS pre_shared_gen_skeyid: START
014147.213136 Negt 10 MATS ike_auth_get_key: 6FS6o7d5247hnb7M7kW
014147.213168 Cryp 60 hash_get: requested algorithm 1
014147.213229 Negt 10 MATS pre_shared_gen_skeyid: nonce_i:
014147.213251 Negt 10 fb40c23d fa26a01b aadea179 3ac3c675
014147.213274 Negt 10 MATS pre_shared_gen_skeyid: nonce_r:
014147.213333 Negt 10 fb85e612 29a5c670 d1ed0e52 e63f4a37
014147.213356 Negt 10 MATS pre_shared_gen_skeyid: skeyid:
014147.213406 Negt 10 52e3f141 9b0205c0 4ae4be28 37326748 6fe521be
014147.213469 Negt 80 ike_phase_1_post_exchange_KE_NONCE: SKEYID:
014147.213492 Negt 80 52e3f141 9b0205c0 4ae4be28 37326748 6fe521be
014147.213525 Cryp 60 hash_get: requested algorithm 1
014147.213591 Negt 80 ike_phase_1_post_exchange_KE_NONCE: SKEYID_d:
014147.213613 Negt 80 c872f31e c146f14d 64875361 d38b2220 1b974bf9
014147.213664 Negt 80 ike_phase_1_post_exchange_KE_NONCE: SKEYID_a:
014147.213686 Negt 80 349538c6 8e462dce 1ec2f7fc 8310ee0a 36a397bd
014147.213739 Negt 80 ike_phase_1_post_exchange_KE_NONCE: SKEYID_e:
014147.213761 Negt 80 51183104 f7d9bc30 491a5900 815dba10 5af8408c
014147.213804 Cryp 60 hash_get: requested algorithm 1
014147.213841 Cryp 40 crypto_init: key:
014147.213891 Cryp 40 9eb4addc 94957d07 594c1316 ba406618 1a644f82 fba7ffd1



On i386:
# ./isakmpd -d -DA=80 2>&1 |grep -A15 KE_NONCE
014147.238275 Negt 80 ike_phase_1_post_exchange_KE_NONCE: g^xy:
014147.238294 Negt 80 3566c7dc adeac30a 7690c318 8a974fea a97f59d4 391c3e51
32dab30e 863ef192
014147.238310 Negt 80 711d7920 2f702636 4312a76b b0ed881e eb9b2cc1 a793145a
a679905f bdd84176
014147.238325 Negt 80 2b980c74 d22b9f12 572554ac 8898036e ebdb1a3c efb056f6
ac3108e1 cc9b0262
014147.238340 Negt 80 ab693ccb b9a0c931 8b741fb3 6d341382 8575647a af929c5a
f09c5d72 759fa5e7
014147.238347 Negt 10 MATS pre_shared_gen_skeyid: START
014147.238357 Negt 10 MATS ike_auth_get_key: 6FS6o7d5247hnb7M7kW
014147.238400 Cryp 60 hash_get: requested algorithm 1
014147.238426 Negt 10 MATS pre_shared_gen_skeyid: nonce_i:
014147.238450 Negt 10 fb40c23d fa26a01b aadea179 3ac3c675
014147.238471 Negt 10 MATS pre_shared_gen_skeyid: nonce_r:
014147.238495 Negt 10 fb85e612 29a5c670 d1ed0e52 e63f4a37
014147.238523 Negt 10 MATS pre_shared_gen_skeyid: skeyid:
014147.238548 Negt 10 e59dd4eb 82e00e75 25a7a039 f74a2b73 bb60d0eb
014147.238569 Negt 80 ike_phase_1_post_exchange_KE_NONCE: SKEYID:
014147.238597 Negt 80 e59dd4eb 82e00e75 25a7a039 f74a2b73 bb60d0eb
014147.238619 Cryp 60 hash_get: requested algorithm 1
014147.238662 Negt 80 ike_phase_1_post_exchange_KE_NONCE: SKEYID_d:
014147.238675 Negt 80 b1c85da3 3e5cd92e 3b7093a1 3a49745d 332c970e
014147.238693 Negt 80 ike_phase_1_post_exchange_KE_NONCE: SKEYID_a:
014147.238723 Negt 80 2eb16c4a e63f6384 83a15eb8 0b88b467 c2f9744f
014147.238753 Negt 80 ike_phase_1_post_exchange_KE_NONCE: SKEYID_e:
014147.238790 Negt 80 d7837776 59a3b7e3 0a02a811 c5e2f80d 1bde3e1e
014147.238810 Cryp 60 hash_get: requested algorithm 1
014147.238850 Cryp 40 crypto_init: key:
014147.238876 Cryp 40 348ecbdc 4b3e14f6 8bc0c5a7 954b422b 4484fa60 9b121d7f


(the messages marked with MATS was added by me for debugging...)

The result is that the keys doesn't match...

The bug is that SHA1 and MD5 hash alg. that is included in isakmpd
source does not work on amd64 (probably also affects other 64-bit archs).
>How-To-Repeat:
Configure a VPN with pre-shared keys between a amd64 host and a i386 host.
>Fix:
diff -rpu8 sysdep/common/libsysdep/sha1.c sysdep-FIXED/common/libsysdep/sha1.c
--- sysdep/common/libsysdep/sha1.c	Sun Jan 28 23:38:48 2001
+++ sysdep-FIXED/common/libsysdep/sha1.c	Sat Mar 25 02:48:19 2006
@@ -46,22 +46,22 @@ A million repetitions of "a"
 #define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
 #define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
 #define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
 #define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
 
 
 /* Hash a single 512-bit block. This is the core of the algorithm. */
 
-void SHA1Transform(unsigned long state[5], unsigned char buffer[64])
+void SHA1Transform(UINT4 state[5], unsigned char buffer[64])
 {
-unsigned long a, b, c, d, e;
+UINT4 a, b, c, d, e;
 typedef union {
     unsigned char c[64];
-    unsigned long l[16];
+    UINT4 l[16];
 } CHAR64LONG16;
 CHAR64LONG16* block;
 #ifdef SHA1HANDSOFF
 static CHAR64LONG16 workspace;
     block = &workspace;
     memcpy(block, buffer, 64);
 #else
     block = (CHAR64LONG16*)buffer;
@@ -118,17 +118,17 @@ void SHA1Init(SHA1_CTX* context)
 }
 
 
 /* Run your data through this. */
 
 void SHA1Update(SHA1_CTX* context, unsigned char* data, unsigned int len)
 {
 unsigned int i;
-unsigned long j;
+UINT4 j;
 
     j = context->count[0];
     if ((context->count[0] += len << 3) < j) context->count[1] += (len>>29)+1;
     j = (j >> 3) & 63;
     if ((j + len) > 63) {
         memcpy(&context->buffer[j], data, (i = 64-j));
         SHA1Transform(context->state, context->buffer);
         for ( ; i + 63 < len; i += 64) {
@@ -140,17 +140,17 @@ unsigned long j;
     memcpy(&context->buffer[j], &data[i], len - i);
 }
 
 
 /* Add padding and return the message digest. */
 
 void SHA1Final(unsigned char digest[20], SHA1_CTX* context)
 {
-unsigned long i, j;
+UINT4 i, j;
 unsigned char finalcount[8];
 
     for (i = 0; i < 8; i++) {
         finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)]
          >> ((3-(i & 3)) * 8) ) & 255);  /* Endian independent */
     }
     SHA1Update(context, (unsigned char *)"\200", 1);
     while ((context->count[0] & 504) != 448) {
diff -rpu8 sysdep/common/md5.h sysdep-FIXED/common/md5.h
--- sysdep/common/md5.h	Sun Jan 28 23:38:47 2001
+++ sysdep-FIXED/common/md5.h	Sat Mar 25 02:47:19 2006
@@ -7,24 +7,26 @@
      function argument prototyping.
    The following makes PROTOTYPES default to 0 if it has not already
      been defined with C compiler flags.
  */
 #ifndef PROTOTYPES
 #define PROTOTYPES 1
 #endif
 
+#include <sys/types.h>
+
 /* POINTER defines a generic pointer type */
 typedef unsigned char *POINTER;
 
 /* UINT2 defines a two byte word */
-typedef unsigned short int UINT2;
+typedef u_int16_t UINT2;
 
 /* UINT4 defines a four byte word */
-typedef unsigned long int UINT4;
+typedef u_int32_t UINT4;
 
 /* PROTO_LIST is defined depending on how PROTOTYPES is defined above.
    If using PROTOTYPES, then PROTO_LIST returns the list, otherwise it
      returns an empty list.
  */
 
 #if PROTOTYPES
 #define PROTO_LIST(list) list
diff -rpu8 sysdep/common/sha1.h sysdep-FIXED/common/sha1.h
--- sysdep/common/sha1.h	Sun Jan 28 23:38:47 2001
+++ sysdep-FIXED/common/sha1.h	Sat Mar 25 02:47:12 2006
@@ -1,18 +1,22 @@
 /*	$OpenBSD: sha1.h,v 1.2 2001/01/28 22:38:47 niklas Exp $	*/
 
 /*
 SHA-1 in C
 By Steve Reid <steve@edmweb.com>
 100% Public Domain
 */
 
+#include <sys/types.h>
+
+typedef u_int32_t UINT4;
+
 typedef struct {
-    unsigned long state[5];
-    unsigned long count[2];
+    UINT4 state[5];
+    UINT4 count[2];
     unsigned char buffer[64];
 } SHA1_CTX;
 
-void SHA1Transform(unsigned long state[5], unsigned char buffer[64]);
+void SHA1Transform(UINT4 state[5], unsigned char buffer[64]);
 void SHA1Init(SHA1_CTX* context);
 void SHA1Update(SHA1_CTX* context, unsigned char* data, unsigned int len);
 void SHA1Final(unsigned char digest[20], SHA1_CTX* context);

>Release-Note:
>Audit-Trail:
>Unformatted:

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200603250309.k2P39hT3037069>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact