ports/65793: SEGV in isakmpd, esp when associating with W2K ipsec client

Duane Wessels 365d at packet-pushers.com
Wed Apr 21 21:59:28 UTC 2004 

I believe the following patch syncronizes the port to the most
recent code from the OpenBSD sources.  It is more stable for me
with respect to this bug.

diff -uNr isakmpd/Makefile isakmpd.new/Makefile
--- isakmpd/Makefile	Fri Oct 17 06:41:12 2003
+++ isakmpd.new/Makefile	Wed Apr 21 15:52:11 2004
@@ -9,9 +9,9 @@
 #

 PORTNAME=	isakmpd
-PORTVERSION=	20030903
+PORTVERSION=	20040421
 CATEGORIES=	security net
-MASTER_SITES=	${MASTER_SITE_NETBSD}
+MASTER_SITES=	http://www.packet-pushers.net/isakmpd/
 MASTER_SITE_SUBDIR=	.

 MAINTAINER=	ports at FreeBSD.org
diff -uNr isakmpd/distinfo isakmpd.new/distinfo
--- isakmpd/distinfo	Thu Jan 29 09:11:30 2004
+++ isakmpd.new/distinfo	Wed Apr 21 15:23:43 2004
@@ -1,2 +1,2 @@
-MD5 (isakmpd-20030903.tar.gz) = 7a692835f7928ae0a1a8f6f2d119b4aa
-SIZE (isakmpd-20030903.tar.gz) = 358314
+MD5 (isakmpd-20040421.tar.gz) = f6b248d57cdd318169c16ed47040ef39
+SIZE (isakmpd-20040421.tar.gz) = 361739
diff -uNr isakmpd/files/patch-Makefile isakmpd.new/files/patch-Makefile
--- isakmpd/files/patch-Makefile	Fri Oct 17 06:41:12 2003
+++ isakmpd.new/files/patch-Makefile	Wed Apr 21 15:26:44 2004
@@ -1,5 +1,5 @@
---- Makefile.orig	Fri Aug 29 00:43:35 2003
-+++ Makefile	Thu Oct 16 18:54:23 2003
+--- Makefile.orig	Wed Apr 21 15:13:51 2004
++++ Makefile	Wed Apr 21 15:26:37 2004
 @@ -38,9 +38,9 @@

  # openbsd means OpenBSD 2.5 or newer. freeswan is the name for Linux with
@@ -12,6 +12,15 @@
  #OS=		freeswan
  #OS=		bsdi

+@@ -71,7 +71,7 @@
+ 		isakmp_num.c isakmp_num.h ipsec_fld.c ipsec_fld.h \
+ 		isakmp_fld.c isakmp_fld.h
+ MAN=		isakmpd.8 isakmpd.conf.5 isakmpd.policy.5
+-CFLAGS+=	-Wall -Wstrict-prototypes -Wmissing-prototypes \
++CFLAGS+=	-Wall -Wmissing-prototypes \
+ 		-Wmissing-declarations -DNEED_SYSDEP_APP \
+ 		-I${.CURDIR} -I${.CURDIR}/sysdep/${OS} -I.
+ #CFLAGS+=	-Wsign-compare -Werror
 @@ -157,6 +157,7 @@
  USE_LIBDES=	yes
  LDADD+=		-lkeynote -lm
diff -uNr isakmpd/files/patch-exchange.c isakmpd.new/files/patch-exchange.c
--- isakmpd/files/patch-exchange.c	Wed Dec 31 17:00:00 1969
+++ isakmpd.new/files/patch-exchange.c	Wed Apr 21 15:44:10 2004
@@ -0,0 +1,14 @@
+--- exchange.c.orig	Wed Apr 21 15:43:46 2004
++++ exchange.c	Wed Apr 21 15:43:05 2004
+@@ -1839,8 +1839,10 @@
+ 	   */
+ 	  if (exchange)
+ 	    exchange_add_finalization (exchange, finalize, arg);
+-	  else
++	  else if (finalize)
+ 	    finalize (0, arg, 1); /* Indicate failure */
++	  else
++	    log_print("'exchange' and 'finalize' both NULL at %s:%d", __FILE__, __LINE__);
+ 	  return;
+ 	}
+       else
diff -uNr isakmpd/files/patch-isakmpd.c isakmpd.new/files/patch-isakmpd.c
--- isakmpd/files/patch-isakmpd.c	Wed Dec 31 17:00:00 1969
+++ isakmpd.new/files/patch-isakmpd.c	Wed Apr 21 15:28:01 2004
@@ -0,0 +1,11 @@
+--- isakmpd.c.orig	Wed Apr 21 15:27:39 2004
++++ isakmpd.c	Wed Apr 21 15:27:44 2004
+@@ -368,7 +368,7 @@
+ 		if (fcntl(n, F_GETFL, 0) == -1 && errno == EBADF)
+ 			(void) open("/dev/null", n ? O_WRONLY : O_RDONLY, 0);
+
+-	for (n = 1; n < _NSIG; n++)
++	for (n = 1; n < NSIG; n++)
+ 		signal(n, SIG_DFL);
+
+ 	/* Log cmd line parsing and initialization errors to stderr.  */
diff -uNr isakmpd/files/patch-sa.c isakmpd.new/files/patch-sa.c
--- isakmpd/files/patch-sa.c	Wed Sep 10 02:22:59 2003
+++ isakmpd.new/files/patch-sa.c	Wed Apr 21 15:57:09 2004
@@ -1,25 +1,29 @@
---- sa.c.orig	Wed Nov 13 04:31:38 2002
-+++ sa.c	Sat Feb  8 12:04:21 2003
-@@ -440,6 +440,6 @@
-   LOG_DBG ((cls, level, "%s: msgid %08x refcnt %d", header,
- 	    decode_32 (sa->message_id), sa->refcnt));
--  LOG_DBG ((cls, level, "%s: life secs %llu kb %llu", header, sa->seconds,
--	    sa->kilobytes));
-+  LOG_DBG ((cls, level, "%s: life secs %llu kb %llu", header, (long long unsigned) sa->seconds,
-+	    (long long unsigned) sa->kilobytes));
-   for (proto = TAILQ_FIRST (&sa->protos); proto;
-        proto = TAILQ_NEXT (proto, link))
-@@ -1040,5 +1040,5 @@
-       LOG_DBG ((LOG_TIMER, 95,
- 		"sa_setup_expirations: SA %p soft timeout in %llu seconds",
--		sa, seconds));
-+		sa, (long long unsigned) seconds));
-       expiration.tv_sec += seconds;
-       sa->soft_death
-@@ -1058,5 +1058,5 @@
-       LOG_DBG ((LOG_TIMER, 95,
- 		"sa_setup_expirations: SA %p hard timeout in %llu seconds",
--		sa, sa->seconds));
-+		sa, (long long unsigned) sa->seconds));
-       expiration.tv_sec += sa->seconds;
-       sa->death
+--- sa.c.orig	Wed Apr 21 15:56:46 2004
++++ sa.c	Wed Apr 21 15:56:19 2004
+@@ -426,7 +426,7 @@
+ 	    decode_32(sa->cookies + 8), decode_32(sa->cookies + 12)));
+ 	LOG_DBG((cls, level, "%s: msgid %08x refcnt %d", header,
+ 	    decode_32(sa->message_id), sa->refcnt));
+-	LOG_DBG((cls, level, "%s: life secs %llu kb %llu", header, sa->seconds,
++	LOG_DBG((cls, level, "%s: life secs %llu kb %llu", header, (long long unsigned) sa->seconds,
+ 	    sa->kilobytes));
+ 	for (proto = TAILQ_FIRST(&sa->protos); proto;
+ 	    proto = TAILQ_NEXT(proto, link)) {
+@@ -1202,7 +1202,7 @@
+ 		seconds = sa->seconds * (850 + sysdep_random() % 100) / 1000;
+ 		LOG_DBG((LOG_TIMER, 95,
+ 		    "sa_setup_expirations: SA %p soft timeout in %llu seconds",
+-		    sa, seconds));
++		    sa, (long long unsigned) seconds));
+ 		expiration.tv_sec += seconds;
+ 		sa->soft_death = timer_add_event("sa_soft_expire",
+ 		    sa_soft_expire, sa, &expiration);
+@@ -1217,7 +1217,7 @@
+ 		gettimeofday(&expiration, 0);
+ 		LOG_DBG((LOG_TIMER, 95,
+ 		    "sa_setup_expirations: SA %p hard timeout in %llu seconds",
+-		    sa, sa->seconds));
++		    sa, (long long unsigned) sa->seconds));
+ 		expiration.tv_sec += sa->seconds;
+ 		sa->death = timer_add_event("sa_hard_expire",
+ 		    sa_hard_expire, sa, &expiration);

More information about the freebsd-ports-bugs mailing list