<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:st1="urn:schemas-microsoft-com:office:smarttags" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 11 (filtered medium)">
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="City"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="place"/>
<!--[if !mso]>
<style>
st1\:*{behavior:url(#default#ieooui) }
</style>
<![endif]-->
<style>
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
{margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
span.StileMessaggioDiPostaElettronica17
{mso-style-type:personal-compose;
font-family:Arial;
color:windowtext;}
@page Section1
{size:595.3pt 841.9pt;
margin:70.85pt 2.0cm 2.0cm 2.0cm;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body lang=IT link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>Hi all,<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>I’m trying to test openswan-3.0.01 using the
following testbench<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>Client1 -------------------------------------- Linux gw1
---------------------------------- Linux pc --------------------------------
Linux gw2 ------------------------- Client2<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>172.16.0.2/24<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>
172.16.0.1/24
192.168.1.1/24<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>
192.168.1.2/24 192.168.2.2/24<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>
192.168.2.1/24 10.0.0.1/24<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>
10.0.0.2/24<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>On Linux gw1 and Linux gw2 I run ipsec start<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>Then I run ipsec auto –up net-to-net on Linux
gw1<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>This command causes a Pluto crash on Linux gw2.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>Following there is my ipsec.conf, ipsec.secrets and
the result of the gdb /usr/local/libexec/ipsec/Pluto core.xxxx<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=2 face=Arial><span lang=EN-GB
style='font-size:10.0pt;font-family:Arial'> </span></font><font size=1><span
lang=EN-GB style='font-size:8.0pt'># /etc/ipsec.conf - Openswan IPsec
configuration file<br>
version 2.0 # conforms to
second version of ipsec.conf specification<br>
<br>
# basic configuration<br>
config setup<br>
dumpdir=/root<br>
interfaces=%defaultroute<br>
klipsdebug=none<br>
plutodebug=none<br>
<br>
# Add connections here<br>
<br>
# sample VPN connection<br>
conn net-to-net <br>
left=192.168.1.1<br>
leftsubnet=172.16.0.0/24<br>
leftnexthop=192.168.1.2<br>
right=192.168.2.1<br>
rightsubnet=10.0.0.0/24<br>
rightnexthop=192.168.2.2<br>
auto=add<br>
authby=secret<br>
<br>
#Disable Opportunistic Encryption<br>
include /etc/ipsec.d/examples/no_oe.conf<br>
</span></font><font face=Arial><span lang=EN-GB style='font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face="Courier New"><span style='font-size:
8.0pt'>192.168.1.1 192.168.2.1: PSK "pippoplutopaperino"<br>
</span></font><font face=Arial><span lang=EN-GB style='font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoPlainText><font size=1 face="Courier New"><span lang=EN-GB
style='font-size:8.0pt'>gdb /usr/local/libexec/ipsec/pluto core.4900<br>
GNU gdb Red Hat Linux (6.3.0.0-1.134.fc5rh)<br>
Copyright 2004 Free Software Foundation, Inc.<br>
GDB is free software, covered by the GNU General Public License, and you
are<br>
welcome to change it and/or distribute copies of it under certain conditions.<br>
Type "show copying" to see the conditions.<br>
There is absolutely no warranty for GDB. Type "show warranty"
for details.<br>
This GDB was configured as "i386-redhat-linux-gnu"...Using host
libthread_db library "/lib/libthread_db.so.1".<br>
<br>
Failed to read a valid object file image from memory.<br>
Core was generated by `/usr/local/libexec/ipsec/pluto --nofork --secretsfile
/etc/ipsec.secrets --use-'.<br>
Program terminated with signal 6, Aborted.<br>
<br>
warning: svr4_current_sos: Can't read pathname for load map: Input/output error<br>
<br>
<st1:place w:st="on"><st1:City w:st="on">Reading</st1:City></st1:place> symbols
from /lib/libcrypt.so.1...done.<br>
Loaded symbols for /lib/libcrypt.so.1<br>
<st1:place w:st="on"><st1:City w:st="on">Reading</st1:City></st1:place> symbols
from /lib/libcrypto.so.6...done.<br>
Loaded symbols for /lib/libcrypto.so.6<br>
<st1:place w:st="on"><st1:City w:st="on">Reading</st1:City></st1:place> symbols
from /usr/lib/sse2/libgmp.so.3...done.<br>
Loaded symbols for /usr/lib/sse2/libgmp.so.3<br>
<st1:place w:st="on"><st1:City w:st="on">Reading</st1:City></st1:place> symbols
from /lib/libc.so.6...done.<br>
Loaded symbols for /lib/libc.so.6<br>
<st1:place w:st="on"><st1:City w:st="on">Reading</st1:City></st1:place> symbols
from /lib/libdl.so.2...done.<br>
Loaded symbols for /lib/libdl.so.2<br>
<st1:place w:st="on"><st1:City w:st="on">Reading</st1:City></st1:place> symbols
from /usr/lib/libz.so.1...done.<br>
Loaded symbols for /usr/lib/libz.so.1<br>
<st1:place w:st="on"><st1:City w:st="on">Reading</st1:City></st1:place> symbols
from /lib/ld-linux.so.2...done.<br>
Loaded symbols for /lib/ld-linux.so.2<br>
</span></font><font size=1><span style='font-size:8.0pt'>#0 0x00dca402 in
?? ()<br>
(gdb) bt<br>
#0 0x00dca402 in ?? </span></font><font size=1><span lang=EN-GB
style='font-size:8.0pt'>()<br>
#1 0x009b5ee9 in raise () from /lib/libc.so.6<br>
#2 0x009b74f1 in abort () from /lib/libc.so.6<br>
#3 0x08058b51 in passert_fail (pred_str=Could not find the frame base for
"passert_fail".<br>
) at /opt/openswan-3.0.01/programs/pluto/log.c:623<br>
#4 0x08058b05 in openswan_switch_fail (n=Could not find the frame base
for "openswan_switch_fail".<br>
) at /opt/openswan-3.0.01/programs/pluto/log.c:609<br>
#5 0x08074cfe in netlink_raw_eroute (this_host=0x9f07cd4,
this_client=0x9f07d28, that_host=0x9f07bd4,<br>
that_client=0x9f07c28, spi=256, proto=4, transport_proto=0,
esatype=ET_IPIP, proto_info=0xbf87234c, use_lifetime=0,<br>
sadb_op=ERO_ADD_INBOUND, text_said=0xbf872268
"tun.10000@192.168.2.1")<br>
at /opt/openswan-3.0.01/programs/pluto/kernel_netlink.c:451<br>
#6 0x08070a61 in raw_eroute (this_host=0x9f07cd4, this_client=0x9f07d28,
that_host=0x9f07bd4, that_client=0x9f07c28,<br>
spi=256, proto=4, transport_proto=0, esatype=ET_IPIP,
proto_info=0xbf87234c, use_lifetime=0, op=ERO_ADD_INBOUND,<br>
opname=0x80eca5f "add inbound") at
/opt/openswan-3.0.01/programs/pluto/kernel.c:815<br>
#7 0x08072bcd in setup_half_ipsec_sa (st=0x9f0a010, inbound=1) at
/opt/openswan-3.0.01/programs/pluto/kernel.c:1705<br>
#8 0x080733b2 in install_inbound_ipsec_sa (st=0x9f0a010) at
/opt/openswan-3.0.01/programs/pluto/kernel.c:2056<br>
#9 0x0806e1f1 in quick_inI1_outR1_cryptotail (dh=0x9f09810, r=0xbf872784)<br>
at /opt/openswan-3.0.01/programs/pluto/ikev1_quick.c:2113<br>
#10 0x0806dd28 in quick_inI1_outR1_cryptocontinue2 (pcrc=0x9f09810,
r=0xbf872784, ugh=0x0)<br>
at /opt/openswan-3.0.01/programs/pluto/ikev1_quick.c:1967<br>
#11 0x08085cd1 in handle_helper_comm (w=0x9f06440) at
/opt/openswan-3.0.01/programs/pluto/pluto_crypt.c:623<br>
#12 0x08086497 in pluto_crypto_helper_ready (readfds=0xbf875244) at
/opt/openswan-3.0.01/programs/pluto/pluto_crypt.c:903<br>
#13 0x0805fd33 in call_server () at /opt/openswan-3.0.01/programs/pluto/server.c:786<br>
#14 0x0805cc55 in main (argc=5, argv=0xbf875454) at
/opt/openswan-3.0.01/programs/pluto/plutomain.c:856<br>
</span></font><font size=1><span style='font-size:8.0pt'>(gdb)<br>
<br>
<o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>Please help me<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>Thanks<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'>Sergio<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-GB style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
</div>
</body>
</html>