DuckCorp Projects: Issueshttps://projects.duckcorp.org/https://projects.duckcorp.org/favicon.ico?16699090422015-01-15T02:01:19ZDuckCorp Projects
Redmine Bip - Bug #431 (New): bip is leaking file descriptorshttps://projects.duckcorp.org/issues/4312015-01-15T02:01:19ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>fran wrote:</p>
<blockquote>
<p>bip is leaking file descriptors on my server, and the fix is pretty easy: on connection.c, on read_socket, whenever read returns <1 and errno is different to EAGAIN and EINTR, the socket MUST be closed <br />because read will not return 0 on the following iterations of select (cause it's not added to the read fd_set after that), plus after read failing with fatal error it keeps returning -1</p>
</blockquote> UFWI - Enhancement #417 (New): Add GnuTLS 3.x supporthttps://projects.duckcorp.org/issues/4172014-11-25T22:42:24ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Oleg Blednov</p> UFWI - Bug #413 (New): Remove dependency to networkhttps://projects.duckcorp.org/issues/4132014-11-25T22:40:15ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Creating a ruleset only shows :<br /><pre>
Firewall error
Error #1201001: No component registered with this name ('network')
</pre></p>
<p>Added by Laurent Defert</p> UFWI - Bug #406 (New): Remove dependency to multisitehttps://projects.duckcorp.org/issues/4062014-11-25T22:37:53ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Bug #405 (New): Remove dependency to ldaphttps://projects.duckcorp.org/issues/4052014-11-25T22:37:34ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Bug #404 (New): Remove dependency to ufwi_confhttps://projects.duckcorp.org/issues/4042014-11-25T22:37:15ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Enhancement #390 (New): Add libev 4.0 supporthttps://projects.duckcorp.org/issues/3902014-11-25T22:29:37ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Enhancement #384 (New): Debian packaginghttps://projects.duckcorp.org/issues/3842014-11-25T22:26:05ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Bug #383 (New): Test under Valgrindhttps://projects.duckcorp.org/issues/3832014-11-25T22:25:46ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Documentation #358 (New): API documentationhttps://projects.duckcorp.org/issues/3582014-11-25T02:03:08ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Bug #357 (New): Add CRL distribution point supporthttps://projects.duckcorp.org/issues/3572014-11-25T02:02:26ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Bug #356 (New): Test CRL handlinghttps://projects.duckcorp.org/issues/3562014-11-25T02:02:02ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> Bip - Enhancement #270 (Resolved): GIT: use signed taghttps://projects.duckcorp.org/issues/2702012-01-10T01:53:49ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Signed tags must be used.</p> Bip - Bug #269 (Resolved): buffer overflow when number of open file descriptors >= FD_SETSIZEhttps://projects.duckcorp.org/issues/2692012-01-07T10:28:05ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Reported by Julien Tinnes, thanks to him!</p>
<p>Bip doesn't check if fd is equal or larger than FD_SETSIZE.</p>
<p>From select man page:</p>
<blockquote>
<p>Executing FD_CLR() or FD_SET() with a value of fd that is negative or is equal to or larger than FD_SETSIZE will result in undefined behavior.</p>
</blockquote> Bip - Bug #186 (New): Bip crash after using "/QUOTE BIP TRUST OK" on a new connectionhttps://projects.duckcorp.org/issues/1862011-01-18T02:29:38ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<a name="How-to-reproduce"></a>
<h1 >How to reproduce:<a href="#How-to-reproduce" class="wiki-anchor">¶</a></h1>
<ol>
<li>/etc/bip.conf: add a new ssl connection </li>
<li>restart bip (Debian: <em>/etc/init.d/bip restart</em>)</li>
<li>use <em>/QUOTE BIP TRUST OK</em><br /> # all client connections are disconnected</li>
</ol>
<a name="Logs"></a>
<h1 >Logs<a href="#Logs" class="wiki-anchor">¶</a></h1>
<a name="Client-logs"></a>
<h2 >Client logs:<a href="#Client-logs" class="wiki-anchor">¶</a></h2>
<blockquote>
<p>03:12:08 oftc | irc: connecting to server irc-bouncer/7778...<br />03:12:08 oftc | irc: connected to irc-bouncer<br />03:12:08 oftc -- | b.i.p (b.i.p): This server SSL certificate was not accepted because it is not in your store of trusted certificates:<br />03:12:08 oftc -- | b.i.p (b.i.p): Subject: /C=US/ST=Indiana/L=Indianapolis/O=Software in the Public Interest/OU=hostmaster/CN=Certificate Authority/emailAddress=<a class="email" href="mailto:hostmaster@spi-inc.org">hostmaster@spi-inc.org</a><br />03:12:08 oftc -- | b.i.p (b.i.p): Issuer: /C=US/ST=Indiana/L=Indianapolis/O=Software in the Public Interest/OU=hostmaster/CN=Certificate Authority/emailAddress=<a class="email" href="mailto:hostmaster@spi-inc.org">hostmaster@spi-inc.org</a><br />03:12:08 oftc -- | b.i.p (b.i.p): MD5 fingerprint: 2A:47:9F:60:BB:83:74:6F:01:03:D7:0B:0D:F6:0D:78<br />03:12:08 oftc -- | b.i.p (b.i.p): WARNING: if you've already trusted a certificate for this server before, that probably means it has changed.<br />03:12:08 oftc -- | b.i.p (b.i.p): If so, YOU MAY BE SUBJECT OF A MAN-IN-THE-MIDDLE ATTACK! PLEASE DON'T TRUST THIS CERTIFICATE IF YOU'RE NOT SURE THIS IS NOT THE CASE.<br />03:12:08 oftc -- | b.i.p (b.i.p): Type /QUOTE BIP TRUST OK to trust this certificate, /QUOTE BIP TRUST NO to discard it.<br />03:12:20 oftc -- | irc.bip.net (irc.bip.net): ==== Certificate now trusted.<br />03:12:20 oftc -- | irc.bip.net (irc.bip.net): No more certificates waiting awaiting user trust, thanks!<br />03:12:20 oftc -- | irc.bip.net (irc.bip.net): If the certificate is trusted, bip should be able to connect to the server on the next retry. Please wait a while and try connecting your client again.</p>
</blockquote>
<a name="Bip-logs"></a>
<h2 >Bip logs:<a href="#Bip-logs" class="wiki-anchor">¶</a></h2>
<blockquote>
<p>18-01-2011 03:12:12 ERROR: No certificate in SSL write_socket<br />18-01-2011 03:12:12 ERROR: SSL cert check failed at depth=3: certificate rejected (28)<br />18-01-2011 03:12:12 ERROR: Certificate check failed: certificate rejected (28)!<br />18-01-2011 03:12:12 ERROR: Error on fd 31 (state 9)<br />18-01-2011 03:12:12 ERROR: [oftc] read_lines error, closing...<br />18-01-2011 03:12:12 ERROR: [oftc] reconnecting in 240 seconds<br />18-01-2011 03:12:54 ERROR: No certificate in SSL write_socket</p>
</blockquote>