From owner-freebsd-ports Wed Jan 31 6: 0:23 2001 Delivered-To: freebsd-ports@hub.freebsd.org Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 8AEC137B698 for ; Wed, 31 Jan 2001 06:00:02 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.1/8.11.1) id f0VE02883094; Wed, 31 Jan 2001 06:00:02 -0800 (PST) (envelope-from gnats) Received: from infres.enst.fr (infres.enst.fr [137.194.160.3]) by hub.freebsd.org (Postfix) with ESMTP id C25DB37B67D for ; Wed, 31 Jan 2001 05:58:32 -0800 (PST) Received: from shalmaneser.enst.fr (shalmaneser.enst.fr [137.194.160.128]) by infres.enst.fr (Postfix) with ESMTP id 1119445456 for ; Wed, 31 Jan 2001 14:58:12 +0100 (MET) Received: by shalmaneser.enst.fr (Postfix, from userid 11117) id 58E7311388; Wed, 31 Jan 2001 14:58:24 +0100 (CET) Message-Id: <20010131135824.58E7311388@shalmaneser.enst.fr> Date: Wed, 31 Jan 2001 14:58:24 +0100 (CET) From: quinot@inf.enst.fr Reply-To: quinot@inf.enst.fr To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.113 Subject: ports/24753: net/pipsecd: Ensure IFHEAD option is cleared on tun dev. Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 24753 >Category: ports >Synopsis: Pipsecd may get a tun device with the IFHEAD option set. >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Jan 31 06:00:02 PST 2001 >Closed-Date: >Last-Modified: >Originator: >Release: FreeBSD 5.0-CURRENT i386 >Organization: >Environment: System: FreeBSD shalmaneser.enst.fr 5.0-CURRENT FreeBSD 5.0-CURRENT #0: Thu Nov 30 15:10:10 CET 2000 root@shalmaneser.enst.fr:/usr/obj/usr/src/sys/SHALMANESER i386 >Description: When pipsecd opens a tun device that was previously used by another application, it may obtain it with the IFHEAD flag set. This causes truncation of incoming and outgoing packets, because the program expects that this flag is cleared. >How-To-Repeat: >Fix: A patch is included with this report. The proposed fix is to add it to the FreeBSD patches of the net/pipsecd port. The problem was also reported to the upstream maintainer of pipsecd. --- pipsec-19991014/tunip.c Sun Jan 7 14:04:22 2001 +++ /usr/ports/net/pipsecd/work/pipsec-19991014/tunip.c Sun Jan 7 14:05:33 2001 @@ -35,6 +35,8 @@ #include #include #include +#include +#include #include #include #include @@ -716,13 +718,22 @@ */ int tun_send_ip(struct tun_method *this, struct encap_method *encap, int fd) { - int sent; + int sent, i; if (this->link_header_size) { encap->buflen += this->link_header_size; encap->buf -= this->link_header_size; memcpy(encap->buf, this->link_header, this->link_header_size); } +#if 0 + printf ("Packet sent to tun dev:"); + for (i = 0; i < encap->buflen; i++) { + if (!(i % 16)) + printf ("\n "); + printf (" %02x", encap->buf[i]); + } + printf ("\n\n"); +#endif sent = write(fd, encap->buf, encap->buflen); if (sent != encap->buflen) syslog(LOG_ERR, "truncated in: %d -> %d\n", encap->buflen, sent); @@ -1132,6 +1143,7 @@ } } else if (strcmp(arg, "if") == 0) { int fd; + int i = 0; struct sa_desc *local_sa, *remote_sa; struct peer_desc *peer; @@ -1140,6 +1152,7 @@ perror(arg); continue; } + ioctl (fd, TUNSIFHEAD, &i); local_sa = NULL; remote_sa = NULL; >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message