[Openswan dev] Pluto respawns with rightid=%fromcert
Nicolas Bellido Y Ortega
ml at acolin.be
Thu Dec 11 12:25:38 EST 2008
On Thursday 11 December 2008 17:44:17 Tuomo Soini wrote:
> Nicolas Bellido Y Ortega wrote:
> > conn left-right-vpn
> > left=10.0.5.83
> > leftcert=/etc/ipsec.d/certs/leftCert.pem
> > leftsendcert=always
> > right=%any
> > rightca=%any
> > rightid=%fromcert
> > auto=add
>
> This config is totally wrong but it looks like config-parser will accept
> it (wrongly). right=%any and rightid=%fromcert is invalid combination.
> Fromcert can only load id from locally stored certificate!
Let's see:
conn left-right-vpn
left=10.0.5.83
leftcert=/etc/ipsec.d/certs/leftCert.pem
leftsendcert=always
rightid=%fromcert
rightca=%any
auto=add
$ ls /etc/ipsec.d/certs/
leftCert.pem rightCert.pem
# ipsec setup start
ipsec_setup: Starting Openswan IPsec U2.6.19/K2.6.18-92.1.18.el5...
# ipsec secrets
whack: is Pluto running? connect() for "/var/run/pluto/pluto.ctl" failed (111 Connection refused)
# cd /home/nbo/rpm/BUILD/openswan-2.6.19/OBJ.linux.i386/programs/pluto/
# gdb pluto
GNU gdb Red Hat Linux (6.5-37.el5_2.2rh)
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db library "/lib/libthread_db.so.1".
(gdb) core /tmp/core.20615
warning: Can't read pathname for load map: Input/output error.
Loaded symbols for /home/nbo/rpm/BUILD/openswan-2.6.19/OBJ.linux.i386/programs/pluto/pluto
Reading symbols from /lib/libcrypt.so.1...done.
Loaded symbols for /lib/libcrypt.so.1
Reading symbols from /usr/lib/sse2/libgmp.so.3...done.
Loaded symbols for /usr/lib/sse2/libgmp.so.3
Reading symbols from /lib/libc.so.6...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
Core was generated by `/usr/libexec/ipsec/pluto --nofork --secretsfile /etc/ipsec.secrets --ipsecdir /'.
Program terminated with signal 6, Aborted.
#0 0x003ab402 in __kernel_vsyscall ()
(gdb) bt full
#0 0x003ab402 in __kernel_vsyscall ()
No symbol table info available.
#1 0x003e5d10 in raise () from /lib/libc.so.6
No symbol table info available.
#2 0x003e7621 in abort () from /lib/libc.so.6
No symbol table info available.
#3 0x001d42ac in passert_fail (pred_str=0xbfb8036a "case -3 unexpected",
file_str=0x28cd28 "/home/nbo/rpm/BUILD/openswan-2.6.19/lib/libopenswan/id.c", line_no=337)
at /home/nbo/rpm/BUILD/openswan-2.6.19/programs/pluto/log.c:624
No locals.
#4 0x001d433f in openswan_switch_fail (n=-3, file_str=0x28cd28 "/home/nbo/rpm/BUILD/openswan-2.6.19/lib/libopenswan/id.c", line_no=337)
at /home/nbo/rpm/BUILD/openswan-2.6.19/programs/pluto/log.c:610
buf = "case -3 unexpected\000�#\000\n\000\000\000@�O"
#5 0x0023b4ba in unshare_id_content (id=0x9c47644) at /home/nbo/rpm/BUILD/openswan-2.6.19/lib/libopenswan/id.c:337
No locals.
#6 0x001c8efe in unshare_connection_end_strings (e=0x0) at /home/nbo/rpm/BUILD/openswan-2.6.19/programs/pluto/connections.c:732
No locals.
#7 0x001c90d3 in unshare_connection_strings (c=0x9c474e8) at /home/nbo/rpm/BUILD/openswan-2.6.19/programs/pluto/connections.c:771
sr = (struct spd_route *) 0x9c47530
#8 0x001ccd71 in add_connection (wm=0xbfb80ea4) at /home/nbo/rpm/BUILD/openswan-2.6.19/programs/pluto/connections.c:1422
same_rightca = <value optimized out>
same_leftca = 0
c = (struct connection *) 0x9c474e8
alg_info_ike = (struct alg_info_ike *) 0x0
ugh = <value optimized out>
buf = "<NULL>", '\0' <repeats 249 times>
#9 0x0020720b in whack_process (whackfd=10, msg=
{magic = 1869114150, whack_status = 0, whack_shutdown = 0, name_len = 0, name = 0xbfb83898 "left-right-vpn", whack_options = 0, debugging = 0, whack_connection = 1,
whack_async = 0, policy = 33554534, sa_ike_life_seconds = 3600, sa_ipsec_life_seconds = 28800, sa_rekey_margin = 540, sa_rekey_fuzz = 100, sa_keying_tries = 0, dpd_delay = 0,
dpd_timeout = 0, dpd_action = DPD_ACTION_CLEAR, dpd_count = 0, forceencaps = 0, left = {id = 0xbfb838a7 "10.0.5.83", cert = 0xbfb838b1 "/etc/ipsec.d/certs/leftCert.pem", ca =
0x0, groups = 0x0, host_type = KH_IPADDR, host_addr = {u = {v4 = {sin_family = 2, sin_port = 0, sin_addr = {s_addr = 1392836618}, sin_zero = "\000\000\000\000\000\000\000"},
v6 = {sin6_family = 2, sin6_port = 0, sin6_flowinfo = 1392836618, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 =
{0, 0, 0, 0}}}, sin6_scope_id = 0}}}, host_nexthop = {u = {v4 = {sin_family = 2, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 =
{sin6_family = 2, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}},
sin6_scope_id = 0}}}, host_srcip = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0,
sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id =
0}}}, client = {addr = {u = {v4 = {sin_family = 2, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 2, sin6_port = 0,
sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, maskbits =
0}, key_from_DNS_on_demand = 1, has_client = 0, has_client_wildcard = 0, has_port_wildcard = 0, updown = 0x0, host_port = 500, port = 0, protocol = 0 '\0', virt = 0x0,
xauth_server = 0, xauth_client = 0, xauth_name = 0x0, modecfg_server = 0, modecfg_client = 0, tundev = 0, sendcert = cert_alwayssend, certtype = CERT_NONE, host_addr_name =
0xbfb838f0 "10.0.5.83"}, right = {id = 0xbfb838d5 "%fromcert", cert = 0x0, ca = 0xbfb838e0 "%any", groups = 0x0, host_type = KH_NOTSET, host_addr = {u = {v4 = {sin_family = 0,
sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8
= '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, host_nexthop = {u = {v4 = {sin_family = 2, sin_port = 0,
sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"---Type <return> to continue, or q <return> to quit---
}, v6 = {sin6_family = 2, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0,
0, 0}}}, sin6_scope_id = 0}}}, host_srcip = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family =
0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id
= 0}}}, client = {addr = {u = {v4 = {sin_family = 2, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 2, sin6_port = 0,
sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, maskbits =
0}, key_from_DNS_on_demand = 1, has_client = 0, has_client_wildcard = 0, has_port_wildcard = 0, updown = 0x0, host_port = 500, port = 0, protocol = 0 '\0', virt = 0x0,
xauth_server = 0, xauth_client = 0, xauth_name = 0x0, modecfg_server = 0, modecfg_client = 0, tundev = 0, sendcert = cert_alwayssend, certtype = CERT_NONE, host_addr_name =
0x0}, addr_family = 2, tunnel_addr_family = 2, ike = 0x0, pfsgroup = 0x0, esp = 0x0, whack_key = 0, whack_addkey = 0, keyid = 0x0, pubkey_alg = 0, keyval = {ptr =
0xbfb838ff "", len = 0}, whack_myid = 0, myid = 0x0, whack_route = 0, whack_unroute = 0, whack_initiate = 0, whack_oppo_initiate = 0, oppo_my_client = {u = {v4 = {sin_family =
0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8
= '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, oppo_peer_client = {u = {v4 = {sin_family = 0, sin_port = 0,
sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15
times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, whack_terminate = 0, whack_delete = 1, whack_deletestate = 0,
whack_deletestateno = 0, whack_listen = 0, whack_unlisten = 0, whack_crash = 0, whack_crash_peer = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero
= "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0,
0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, whack_utc = 0, whack_list = 0, whack_purgeocsp = 0, whack_reread = 0 '\0', tpmeval = 0x0, connalias = 0x0,
modecfg_dns1 = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0,
sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
modecfg_dns2 = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0,
sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
modecfg_wi---Type <return> to continue, or q <return> to quit---
ns1 = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0,
sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, modecfg_wins2 = {u = {v4 =
{sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u
= {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, dnshostname = 0x0, opt_set =
WHACK_ADJUSTOPTIONS, string1 = 0x0, string2 = 0x0, string3 = 0x0, str_size = 0, string
= "left-right-vpn\00010.0.5.83\000/etc/ipsec.d/certs/leftCert.pem\000\000\000\000\000%fromcert\000\000%any", '\0' <repeats 12 times>, "10.0.5.83", '\0' <repeats 3998 times>})
at /home/nbo/rpm/BUILD/openswan-2.6.19/programs/pluto/rcv_whack.c:418
sr = <value optimized out>
fail = <value optimized out>
c = <value optimized out>
oco = (const struct osw_conf_options *) 0x2b3400
#10 0x00207e64 in whack_handle (whackctlfd=5) at /home/nbo/rpm/BUILD/openswan-2.6.19/programs/pluto/rcv_whack.c:753
ugh = <value optimized out>
wp = {msg = 0xbfb83554, str_roof = 0xbfb838ff "", str_next = 0xbfb838ff "", n = 939}
msg = {magic = 1869114150, whack_status = 0, whack_shutdown = 0, name_len = 0, name = 0xbfb83898 "left-right-vpn", whack_options = 0,
debugging = 0, whack_connection = 1, whack_async = 0, policy = 33554534, sa_ike_life_seconds = 3600, sa_ipsec_life_seconds = 28800,
sa_rekey_margin = 540, sa_rekey_fuzz = 100, sa_keying_tries = 0, dpd_delay = 0, dpd_timeout = 0, dpd_action = DPD_ACTION_CLEAR, dpd_count = 0,
forceencaps = 0, left = {id = 0xbfb838a7 "10.0.5.83", cert = 0xbfb838b1 "/etc/ipsec.d/certs/leftCert.pem", ca = 0x0, groups = 0x0,
host_type = KH_IPADDR, host_addr = {u = {v4 = {sin_family = 2, sin_port = 0, sin_addr = {s_addr = 1392836618},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 2, sin6_port = 0, sin6_flowinfo = 1392836618, sin6_addr = {in6_u = {
u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
host_nexthop = {u = {v4 = {sin_family = 2, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {
sin6_family = 2, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0,
0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, host_srcip = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {
s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {
u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, client = {
addr = {u = {v4 = {sin_family = 2, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 2,
sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0},
u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, maskbits = 0}, key_from_DNS_on_demand = 1, has_client = 0,
has_client_wildcard = 0, has_port_wildcard = 0, updown = 0x0, host_port = 500, port = 0, protocol = 0 '\0', virt = 0x0, xauth_server = 0,
xauth_client = 0, xauth_name = 0x0, modecfg_server = 0, modecfg_client = 0, tundev = 0, sendcert = cert_alwayssend, certtype = CERT_NONE,
host_addr_name = 0xbfb838f0 "10.0.5.83"}, right = {id = 0xbfb838d5 "%fromcert", cert = 0x0, ca = 0xbfb838e0 "%any", groups = 0x0,
host_type = KH_NOTSET, host_addr = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {
u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
host_nexthop = {u = {v4 = {sin_family = 2, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {
sin6_family = 2, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0,
0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, host_srcip = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {
s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {
u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, client = {
addr = {u = {v4 = {sin_family = 2, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 2,
sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0},
u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, maskbits = 0}, key_from_DNS_on_demand = 1, has_client = 0,
has_client_wildcard = 0, has_port_wildcard = 0, updown = 0x0, host_port = 500, port = 0, protocol = 0 '\0', virt = 0x0, xauth_server = 0,
xauth_client = 0, xauth_name = 0x0, modecfg_server = 0, modecfg_client = 0, tundev = 0, sendcert = cert_alwayssend, certtype = CERT_NONE,
host_addr_name = 0x0}, addr_family = 2, tunnel_addr_family = 2, ike = 0x0, pfsgroup = 0x0, esp = 0x0, whack_key = 0, whack_addkey = 0,
keyid = 0x0, pubkey_alg = 0, keyval = {ptr = 0xbfb838ff "", len = 0}, whack_myid = 0, myid = 0x0, whack_route = 0, whack_unroute = 0,
whack_initiate = 0, whack_oppo_initiate = 0, oppo_my_client = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {
u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
oppo_peer_client = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {
sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0,
0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, whack_terminate = 0, whack_delete = 1, whack_deletestate = 0,
whack_deletestateno = 0, whack_listen = 0, whack_unlisten = 0, whack_crash = 0, whack_crash_peer = {u = {v4 = {sin_family = 0, sin_port = 0,
sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {
in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
whack_utc = 0, whack_list = 0, whack_purgeocsp = 0, whack_reread = 0 '\0', tpmeval = 0x0, connalias = 0x0, modecfg_dns1 = {u = {v4 = {
sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0,
sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0,
0}}}, sin6_scope_id = 0}}}, modecfg_dns2 = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {
u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
modecfg_wins1 = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {
sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0,
0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, modecfg_wins2 = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {
s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {
u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
dnshostname = 0x0, opt_set = WHACK_ADJUSTOPTIONS, string1 = 0x0, string2 = 0x0, string3 = 0x0, str_size = 0,
string = "left-right-vpn\00010.0.5.83\000/etc/ipsec.d/certs/leftCert.pem\000\000\000\000\000%fromcert\000\000%any", '\0' <repeats 12 times>, "10.0.5.83", '\0' <repeats 3998
times>}
msg_saved = {magic = 1869114150, whack_status = 0, whack_shutdown = 0, name_len = 0, name = 0x0, whack_options = 0, debugging = 0,
whack_connection = 1, whack_async = 0, policy = 33554534, sa_ike_life_seconds = 3600, sa_ipsec_life_seconds = 28800, sa_rekey_margin = 540,
sa_rekey_fuzz = 100, sa_keying_tries = 0, dpd_delay = 0, dpd_timeout = 0, dpd_action = DPD_ACTION_CLEAR, dpd_count = 0, forceencaps = 0, left = {
id = 0x0, cert = 0x0, ca = 0x0, groups = 0x0, host_type = KH_IPADDR, host_addr = {u = {v4 = {sin_family = 2, sin_port = 0, sin_addr = {
s_addr = 1392836618}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 2, sin6_port = 0, sin6_flowinfo = 1392836618,
sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}},
sin6_scope_id = 0}}}, host_nexthop = {u = {v4 = {sin_family = 2, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 2, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {
u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
host_srcip = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {
sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0,
0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, client = {addr = {u = {v4 = {sin_family = 2, sin_port = 0, sin_addr = {
s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 2, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {
in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
maskbits = 0}, key_from_DNS_on_demand = 1, has_client = 0, has_client_wildcard = 0, has_port_wildcard = 0, updown = 0x0, host_port = 500,
port = 0, protocol = 0 '\0', virt = 0x0, xauth_server = 0, xauth_client = 0, xauth_name = 0x0, modecfg_server = 0, modecfg_client = 0,
tundev = 0, sendcert = cert_alwayssend, certtype = CERT_NONE, host_addr_name = 0x0}, right = {id = 0x0, cert = 0x0, ca = 0x0, groups = 0x0,
host_type = KH_NOTSET, host_addr = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {
u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
host_nexthop = {u = {v4 = {sin_family = 2, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {
sin6_family = 2, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0,
0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, host_srcip = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {
s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {
u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, client = {
addr = {u = {v4 = {sin_family = 2, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 2,
sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0},
u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, maskbits = 0}, key_from_DNS_on_demand = 1, has_client = 0,
has_client_wildcard = 0, has_port_wildcard = 0, updown = 0x0, host_port = 500, port = 0, protocol = 0 '\0', virt = 0x0, xauth_server = 0,
xauth_client = 0, xauth_name = 0x0, modecfg_server = 0, modecfg_client = 0, tundev = 0, sendcert = cert_alwayssend, certtype = CERT_NONE,
host_addr_name = 0x0}, addr_family = 2, tunnel_addr_family = 2, ike = 0x0, pfsgroup = 0x0, esp = 0x0, whack_key = 0, whack_addkey = 0,
keyid = 0x0, pubkey_alg = 0, keyval = {ptr = 0x0, len = 0}, whack_myid = 0, myid = 0x0, whack_route = 0, whack_unroute = 0, whack_initiate = 0,
whack_oppo_initiate = 0, oppo_my_client = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {
u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
oppo_peer_client = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {
sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0,
0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, whack_terminate = 0, whack_delete = 1, whack_deletestate = 0,
whack_deletestateno = 0, whack_listen = 0, whack_unlisten = 0, whack_crash = 0, whack_crash_peer = {u = {v4 = {sin_family = 0, sin_port = 0,
sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {
in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
whack_utc = 0, whack_list = 0, whack_purgeocsp = 0, whack_reread = 0 '\0', tpmeval = 0x0, connalias = 0x0, modecfg_dns1 = {u = {v4 = {
sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0,
sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0,
0}}}, sin6_scope_id = 0}}}, modecfg_dns2 = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {
u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
modecfg_wins1 = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {
sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0,
0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, modecfg_wins2 = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {
s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {in6_u = {
u6_addr8 = '\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
dnshostname = 0x0, opt_set = WHACK_ADJUSTOPTIONS, string1 = 0x0, string2 = 0x0, string3 = 0x0, str_size = 0,
string = "left-right-vpn\00010.0.5.83\000/etc/ipsec.d/certs/leftCert.pem\000\000\000\000\000%fromcert\000\000%any", '\0' <repeats 12 times>, "10.0.5.83", '\0' <repeats 3998
times>}
whackaddr = {sun_family = 1,
sun_path = '\0' <repeats 40 times>, "6�C\000�H��3�#", '\0' <repeats 17 times>, "\b�*\000xQ��\030I����\035", '\0' <repeats 21 times>, "`B\035"}
whackaddrlen = 2
whackfd = 10
n = -1078446764
#11 0x001dba2a in call_server () at /home/nbo/rpm/BUILD/openswan-2.6.19/programs/pluto/server.c:774
tm = {tv_sec = 120, tv_usec = 0}
readfds = {__osfds_bits = {32, 0 <repeats 255 times>}}
writefds = {__osfds_bits = {0 <repeats 256 times>}}
ndes = 1
ifp = <value optimized out>
lastn = 0
#12 0x001d873e in main (argc=1902855503, argv=0x50424c48) at /home/nbo/rpm/BUILD/openswan-2.6.19/programs/pluto/plutomain.c:837
v = 0x2b3620 "OEkqHLBPOfMD"
vc = 0x295328 "2.6.19"
fork_desired = 0
lockfd = <value optimized out>
ocspuri = 0x0
nhelpers = -1
coredir = 0x0
oco = (const struct osw_conf_options *) 0x2b3400
nat_traversal = 1
nat_t_spf = 1
keep_alive = 0
force_keepalive = 0
virtual_private = 0x0
long_opts = {{name = 0x2701b0 "help", has_arg = 0, flag = 0x0, val = 104}, {name = 0x299048 "version", has_arg = 0, flag = 0x0, val = 118},
{name = 0x2701b5 "optionsfrom", has_arg = 1, flag = 0x0, val = 43}, {name = 0x2701c1 "nofork", has_arg = 0, flag = 0x0, val = 100}, {
name = 0x2701c8 "stderrlog", has_arg = 0, flag = 0x0, val = 101}, {name = 0x2701d2 "noklips", has_arg = 0, flag = 0x0, val = 110}, {
name = 0x2701da "use-nostack", has_arg = 0, flag = 0x0, val = 110}, {name = 0x2701e6 "use-none", has_arg = 0, flag = 0x0, val = 110}, {
name = 0x2701ef "force_busy", has_arg = 0, flag = 0x0, val = 68}, {name = 0x2701fa "nocrsend", has_arg = 0, flag = 0x0, val = 99}, {
name = 0x270203 "strictcrlpolicy", has_arg = 0, flag = 0x0, val = 114}, {name = 0x270213 "crlcheckinterval", has_arg = 1, flag = 0x0,
val = 120}, {name = 0x270224 "ocsprequestcert", has_arg = 1, flag = 0x0, val = 113}, {name = 0x270234 "ocspuri", has_arg = 1, flag = 0x0,
val = 111}, {name = 0x27023c "uniqueids", has_arg = 0, flag = 0x0, val = 117}, {name = 0x270246 "useklips", has_arg = 0, flag = 0x0,
val = 107}, {name = 0x27024f "use-klips", has_arg = 0, flag = 0x0, val = 107}, {name = 0x270259 "use-auto", has_arg = 0, flag = 0x0, val = 71},
{name = 0x270262 "usenetkey", has_arg = 0, flag = 0x0, val = 75}, {name = 0x27026c "use-netkey", has_arg = 0, flag = 0x0, val = 75}, {
name = 0x270277 "use-mast", has_arg = 0, flag = 0x0, val = 77}, {name = 0x270280 "interface", has_arg = 1, flag = 0x0, val = 105}, {
name = 0x27028a "ikeport", has_arg = 1, flag = 0x0, val = 112}, {name = 0x270292 "ctlbase", has_arg = 1, flag = 0x0, val = 98}, {
name = 0x27029a "secretsfile", has_arg = 1, flag = 0x0, val = 115}, {name = 0x2702a6 "foodgroupsdir", has_arg = 1, flag = 0x0, val = 102}, {
name = 0x2702b4 "perpeerlogbase", has_arg = 1, flag = 0x0, val = 80}, {name = 0x2702c3 "perpeerlog", has_arg = 0, flag = 0x0, val = 108}, {
name = 0x2702ce "noretransmits", has_arg = 0, flag = 0x0, val = 82}, {name = 0x2700c8 "coredir", has_arg = 1, flag = 0x0, val = 67}, {
name = 0x2702dc "ipsecdir", has_arg = 1, flag = 0x0, val = 102}, {name = 0x2702e5 "ipsec_dir", has_arg = 1, flag = 0x0, val = 102}, {
name = 0x27b496 "lwdnsq", has_arg = 1, flag = 0x0, val = 97}, {name = 0x2702ef "nat_traversal", has_arg = 0, flag = 0x0, val = 49}, {
name = 0x2702fd "keep_alive", has_arg = 1, flag = 0x0, val = 50}, {name = 0x270308 "force_keepalive", has_arg = 0, flag = 0x0, val = 51}, {
name = 0x270318 "disable_port_floating", has_arg = 0, flag = 0x0, val = 52}, {name = 0x27032e "debug-nat_t", has_arg = 0, flag = 0x0,
val = 53}, {name = 0x27033a "debug-nattraversal", has_arg = 0, flag = 0x0, val = 53}, {name = 0x27034d "debug-nat-t", has_arg = 0, flag = 0x0,
val = 53}, {name = 0x270359 "virtual_private", has_arg = 1, flag = 0x0, val = 54}, {name = 0x270369 "nhelpers", has_arg = 1, flag = 0x0,
val = 106}, {name = 0x270372 "debug-none", has_arg = 0, flag = 0x0, val = 78}, {name = 0x27037d "debug-all", has_arg = 0, flag = 0x0,
val = 65}, {name = 0x270387 "debug-raw", has_arg = 0, flag = 0x0, val = 257}, {name = 0x270391 "debug-crypt", has_arg = 0, flag = 0x0,
val = 258}, {name = 0x27039d "debug-crypto", has_arg = 0, flag = 0x0, val = 258}, {name = 0x2703aa "debug-parsing", has_arg = 0, flag = 0x0,
val = 260}, {name = 0x2703b8 "debug-emitting", has_arg = 0, flag = 0x0, val = 264}, {name = 0x2703c7 "debug-control", has_arg = 0, flag = 0x0,
val = 272}, {name = 0x2703d5 "debug-lifecycle", has_arg = 0, flag = 0x0, val = 288}, {name = 0x2703e5 "debug-klips", has_arg = 0, flag = 0x0,
val = 320}, {name = 0x2703f1 "debug-netkey", has_arg = 0, flag = 0x0, val = 320}, {name = 0x2703fe "debug-dns", has_arg = 0, flag = 0x0,
val = 384}, {name = 0x270408 "debug-oppo", has_arg = 0, flag = 0x0, val = 512}, {name = 0x270413 "debug-oppoinfo", has_arg = 0, flag = 0x0,
val = 16640}, {name = 0x270422 "debug-controlmore", has_arg = 0, flag = 0x0, val = 768}, {name = 0x270434 "debug-dpd", has_arg = 0, flag = 0x0,
val = 8448}, {name = 0x27043e "debug-x509", has_arg = 0, flag = 0x0, val = 4352}, {name = 0x270449 "debug-private", has_arg = 0, flag = 0x0,
val = 1048832}, {name = 0x270457 "debug-pfkey", has_arg = 0, flag = 0x0, val = 1280}, {name = 0x270463 "impair-delay-adns-key-answer",
has_arg = 0, flag = 0x0, val = 2097408}, {name = 0x270480 "impair-delay-adns-txt-answer", has_arg = 0, flag = 0x0, val = 4194560}, {
name = 0x27049d "impair-bust-mi2", has_arg = 0, flag = 0x0, val = 8388864}, {name = 0x2704ad "impair-bust-mr2", has_arg = 0, flag = 0x0,
val = 16777472}, {name = 0x2704bd "impair-jacob-two-two", has_arg = 0, flag = 0x0, val = 134217984}, {name = 0x0, has_arg = 0, flag = 0x0,
val = 0}}
More information about the Dev
mailing list