hipl-core team mailing list archive
Mailing list archive
[Bug 607484] Re: ipsec spi number not initialized
hip_hadb_init_entry() was the crucial link that I overlooked. It's all
** Changed in: hipl
Status: New => Invalid
ipsec spi number not initialized
You received this bug notification because you are a member of HIPL core
team, which is subscribed to HIPL.
Status in Host Identity Protocol for Linux: Invalid
IPsec SAs are set up with uninitialized spi values. It seems uninitialized uint32_t variables are used to provide randomness. This might be exploitable and should be replace by a call to openssl random number generators.