Bug 1114683

Summary: configuring a non-standard AH / ESP algorithm (like CAST) cause a restart of pluto
Product: Red Hat Enterprise Linux 6 Reporter: Paul Wouters <pwouters>
Component: openswanAssignee: Paul Wouters <pwouters>
Status: CLOSED ERRATA QA Contact: Jaroslav Aster <jaster>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.5CC: amarecek, azelinka, jaster, kheal, ksrot, mjh, pwouters, sforsber, tlavigne
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-10-14 08:19:39 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1080044, 1146106    

Description Paul Wouters 2014-06-30 15:58:16 UTC 
Description of problem:
Run the libreswan test case:
https://github.com/libreswan/libreswan/tree/master/testing/pluto/netkey-algo-cast-01/

Version-Release number of selected component (if applicable):
openswan-2.6.32-31

How reproducible:
always

Actual results:

#4  0x00007f1eb2c9f693 in setup_half_ipsec_sa (st=st@entry=0x7f1eb31e1810, inbound=inbound@entry=0)
    at /usr/src/debug/openswan-2.6.32/programs/pluto/kernel.c:1752
1752	        passert(st->st_esp.keymat_len == (key_len + ei->authkeylen));


Additional info:
Requires backporting commits:
7a9669350c8f26e175b0179e597d99c29cb49362
f59359ecb59a4cafa157d0058aa520e2aec7654c
(possibly a few more related to camellia as well)
Comment 2 Paul Wouters 2014-07-01 03:19:10 UTC 
backport completed and tested, ready for inclusion
Comment 13 Paul Wouters 2014-09-11 14:14:01 UTC 
*** Bug 1139080 has been marked as a duplicate of this bug. ***
Comment 14 Paul Wouters 2014-09-11 14:54:25 UTC 
*** Bug 1117407 has been marked as a duplicate of this bug. ***
Comment 22 errata-xmlrpc 2014-10-14 08:19:39 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1588.html
Comment 23 Paul Wouters 2016-04-07 20:50:18 UTC 
*** Bug 1146100 has been marked as a duplicate of this bug. ***
Comment 24 Paul Wouters 2016-04-07 20:51:25 UTC 
*** Bug 1163422 has been marked as a duplicate of this bug. ***