Bug 232565 - immediate disconnect from Red Hat VPN
Summary: immediate disconnect from Red Hat VPN
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: vpnc
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-03-16 03:54 UTC by Alexandre Oliva
Modified: 2007-11-30 22:11 UTC (History)
3 users (show)

Fixed In Version: vpnc-0.4.0-4.fc8
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-09-03 15:49:47 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Alexandre Oliva 2007-03-16 03:54:29 UTC
Description of problem:
I haven't been able to get into the Red Hat vpn using vpnc-0.4.0-1.fc7.  The
vpnc executable from vpnc-0.3.3-13.fc6 works like a charm.

I run as root vpnc --ifname tun0 /name/of/config.file

where config.file contains stuff such as:

IPsec gateway <snipped> (the RDU gateway)
IPsec ID <snipped>
IPsec secret <snipped>
Xauth username <snipped>
# Rekeying interval 7200

Version-Release number of selected component (if applicable):
vpnc-0.4.0-1.fc7.x86_64

How reproducible:
Every time

Steps to Reproduce:
1.Start vpnc with --no-detach, as above
2.Enter the password

Actual results:
Shortly after displaying the banner, it quits.  

Expected results:
Not quitting.

Additional info:
It's behind NAT, which works fine with the older release.  Apparently it sends a
packet after S7.10, and receives a response to the effect that it should quit,
so it prints S8, logs "connection terminated by peer" and quits.

Comment 1 Tomas Mraz 2007-03-19 14:28:51 UTC
It seems like the x86_64 compilation bug is back. Can you try to recompile the
src.rpm without -fstack-protector whether it helps?


Comment 2 Tom "spot" Callaway 2007-03-20 12:36:05 UTC
Yes. Compiling without -fstack-protector on x86_64 makes this bug vanish (poof!).

Comment 3 Tomas Mraz 2007-09-03 15:49:47 UTC
It was caused by a bug in vpnc. It was overwriting a value on stack because of
wrong sizeof() call. The -fstack-protector caused reordering the values on the
stack so an important value was overwritten without the option the overwrite was
harmless so the code worked.



Note You need to log in before you can comment on or make changes to this bug.