From ec331a7dd633da57e46bd6e31edaf172104e3197 Mon Sep 17 00:00:00 2001
From: Ansis Atteka
Date: Mon, 9 Sep 2013 15:42:55 -0700
Subject: kernel-netlink: increase buffer size for RT netlink messages

Commit 940e1b0f66dc04b0853414c1f4c45fa3f6e33bdd "Filter ignored interfaces in kernel interfaces (for events, address enumeration, etc.)" made charon to ignore routes with unusable interfaces. Unusable interface is one where charon has not seen RTM_NEWLINK message from the kernel. Sometime RTM_NEWLINK message can be 1048 bytes large. This is 24 bytes more than currently allocated buffer of 1024 bytes. If kernel sends such a large message, then it would be silently ignored by charon and corresponding interface would never become usable. Hence strongSwan might resolve invalid source IP address in get_route() function. This would prevent IPsec tunnel to be established. To reproduce create a VLAN interface with following command: vconfig add eth1 12
---
src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c')
diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c
index 43bcb677b..1b9e0f031 100644
--- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c
+++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_net.c
@@ -1092,7 +1092,7 @@ static void process_route(private_kernel_netlink_net_t *this, struct nlmsghdr *h
 static bool receive_events(private_kernel_netlink_net_t *this, int fd,
 watcher_event_t event)
 {
- char response[1024];
+ char response[1536];
 struct nlmsghdr *hdr = (struct nlmsghdr*)response;
 struct sockaddr_nl addr;
 socklen_t addr_len = sizeof(addr);
-- 
cgit v1.2.3
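Review bot: `char response[1536];` replaces one hard-coded limit with another, so an RTM_NEWLINK message larger than 1536 bytes would presumably be lost the same way the description says 1048-byte ones were. The receive call lies outside this hunk (the body of receive_events continues past it), so it is not visible whether truncation is detected. If it is not, passing `MSG_TRUNC` to the receive call and logging when the returned length exceeds `sizeof(response)` would turn the silent drop into a diagnosable event. A comment on the declaration such as `/* must hold the largest RTM_NEWLINK the kernel sends; larger datagrams are truncated */` would record why this size was chosen. Separately, the buffer is a plain `char` array cast to `struct nlmsghdr *` on the next line, so the declaration does not guarantee the alignment that type needs.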