[Openswan Users] crl.pem segfaults Pluto

Nate Carlson natecars at natecarlson.com
Thu May 20 10:05:36 CEST 2004


On Tue, 18 May 2004, Warren Hinscliff wrote:
> I'm running OpenSwan 2.1.1 on Debian unstable (Kernel 2.4.24). I have
> installed the software and can run a connection with shared secrets with
> no problems.

[...]

> It seems to depend on the /etc/ipsec.d/crls/crl.pem file - if this
> exists Pluto dies, apparently at the point when it reads it. Remove this
> and it starts OK.

This is a bug in Openswan, up to and including 2.1.1.

The new 2.1.2 packages fix this; the debian package maintainer said he
should have 2.1.2 available sometime soon. If you can't afford to wait,
I've got some totally unofficial debian packages based on pre-2.1.2 cvs
built; they are available from:

http://www.natecarlson.com/downloads/openswan

Note that it's likely that these packages will show up newer than the 
official 2.1.2 packages when they are released, because of the package 
names I used.

------------------------------------------------------------------------
| nate carlson | natecars at natecarlson.com | http://www.natecarlson.com |
|       depriving some poor village of its idiot since 1981            |
------------------------------------------------------------------------


More information about the Users mailing list