there is a bug in the current version of silc-server that makes it possible
to crash a networks SILC router, when a new channel is created. All it takes
is to specify an invalid hmac algorithm name and no cipher algorithm name.
This results in an null pointer dereference in 'SILC_SERVER_CMD_FUNC(join)' at
line 2444 in apps/silcd/command.c.
The attached patch fixes the problem.
Created attachment 112279 [details, diff]
silc_server_create_new_channel failing may mean a number of things. Before
the patch silcd just assumes that the cipher algorithm was not found (which
may not even be provided).
thanks for the report
net-irc can you comment/confirm? tavis?
Created attachment 112281 [details]
The error described before may happen at multiple places. The previous patch
only fixed the issue for standalone servers and not for routers.
Yep, i was able to reproduce the bug. The patch fixes it.
silc-server-1.0.2-r1 commited to the tree :)
arches, please test silc-server-1.0.2-r1 and mark stable if possible
Btw, thanks Frank for the patch(forgot to say before)
FYI: silc-server 1.0.3 was just released, including this fix
/me votes yes