Ucspi-tcp Automated Code Checks

When communicating with Gerrit’s address I got an automated message to confirm my sending of the email to his box. I hope there is somebody there.

When we finish testing, do you think its enough or useful to post the results we get here to Debian and they will take care of it? Or do they need the results from the same guy who can audit/fix the package manually?

After second test you got this.

You can fix that by running.

That will terminate the worker.

Not sure how to proceed from here. Maybe contact upstream, maybe post a bug against Debian, maybe contact the debian security team (if this is security related?). They might ask for instructions on how to reproduce this on debian. I might be able to write a simple dummy script so they can reproduce without getting whole control-port-filter/tor that causes the same issue.

Shutting off controlportfiltd off doesn’t solve the fatal error bound address. Stopping the service doesn’t give me feedback that it has been stopped anymore either. It takes and applies it silently

If it worked once but not again, most likely there is still some process left running which keeps the port open.

To see what it really does:

(controlportfilt in Whonix 8)
(works with any bash script)

Install graphical diff viewer.

sudo apt-get update sudo apt-get install meld

Log processes while fatal error bound address.


Log processes again after reboot.

Compare old and new processes. You should find out which one kept the port open by now.

Fatal error bound address should now be gone.

Next time, combine.

So you find out the pid of the process that blocks.


Thank you fro the directions. I will try them. Here is what I get when controlportfiltd is down and valgrind is un after that.

root@host:/home/user# sudo service controlportfiltd stop root@host:/home/user# sudo -u debian-tor valgrind --leak-check=full --show-reachable=yes tcpserver -v -1 -l host -H 0 9052 /bin/bash/ -x -c /usr/lib/whonix/cpf-tcpserver ==6317== Memcheck, a memory error detector ==6317== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al. ==6317== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info ==6317== Command: tcpserver -v -1 -l host -H 0 9052 /bin/bash/ -x -c /usr/lib/whonix/cpf-tcpserver ==6317== 9052 tcpserver: status: 0/40

Update: trying to run meld gives a bunch of errors related to Gnome not able to run a gui.

I think the valgrind experiment is becoming too much for its gain. I want to concentrate on getting the source code from the repo into git and running coverity.

i edited the other file you refer to in the /etc/apt/sources.list. It doesn’t want to fetch source code for the ucspi-tcp. Saying uri is not specified.