Bug 232565

Summary: immediate disconnect from Red Hat VPN
Product: [Fedora] Fedora Reporter: Alexandre Oliva <aoliva>
Component: vpncAssignee: Tomas Mraz <tmraz>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: tcallawa, wtogami, zaitcev
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: vpnc-0.4.0-4.fc8 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-09-03 15:49:47 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Alexandre Oliva 2007-03-16 03:54:29 UTC 
Description of problem:
I haven't been able to get into the Red Hat vpn using vpnc-0.4.0-1.fc7.  The
vpnc executable from vpnc-0.3.3-13.fc6 works like a charm.

I run as root vpnc --ifname tun0 /name/of/config.file

where config.file contains stuff such as:

IPsec gateway <snipped> (the RDU gateway)
IPsec ID <snipped>
IPsec secret <snipped>
Xauth username <snipped>
# Rekeying interval 7200

Version-Release number of selected component (if applicable):
vpnc-0.4.0-1.fc7.x86_64

How reproducible:
Every time

Steps to Reproduce:
1.Start vpnc with --no-detach, as above
2.Enter the password

Actual results:
Shortly after displaying the banner, it quits.  

Expected results:
Not quitting.

Additional info:
It's behind NAT, which works fine with the older release.  Apparently it sends a
packet after S7.10, and receives a response to the effect that it should quit,
so it prints S8, logs "connection terminated by peer" and quits.
Comment 1 Tomas Mraz 2007-03-19 14:28:51 UTC 
It seems like the x86_64 compilation bug is back. Can you try to recompile the
src.rpm without -fstack-protector whether it helps?
Comment 2 Tom "spot" Callaway 2007-03-20 12:36:05 UTC 
Yes. Compiling without -fstack-protector on x86_64 makes this bug vanish (poof!).
Comment 3 Tomas Mraz 2007-09-03 15:49:47 UTC 
It was caused by a bug in vpnc. It was overwriting a value on stack because of
wrong sizeof() call. The -fstack-protector caused reordering the values on the
stack so an important value was overwritten without the option the overwrite was
harmless so the code worked.