[Openswan Users] Pluto Segmentation fault in 2.4.7 and 2.4.8 rc1

Djordje Zekovic lenrel at gmail.com
Tue Mar 13 20:41:11 EDT 2007


1)
esr is a pointer to 0x0.
I added: if(esr!=NULL){...} to the source at the point of the segmentation
fault - it's working now.

I do not know what is causing esr to be NULL, but I came across an
interesting behaviour of pluto:
if the _updown script returns with exit code > 0, I get the problem with
esr=NULL,
if I do not mess with _updown, there is no such problem. I am guessing that
the return code of the _updown script has an impact on esr?

/var/log/secure:

pluto[30225]: | route_and_eroute with c: l2tp-transport (next: none) ero:l2tp-transport esr:{(nil)} ro:l2tp-transport rosr:{(nil)} and state: 8
pluto[30225]: |   trusted_ca called with a=******
pluto[30225]: "l2tp-transport"[4] xxx.xxx.xxx.xxx #8: up-host command exited with status 10
ipsec__plutorun: Restarting Pluto subsystem...

2) In cases when I have a sudden cut in communication between server and
client (for example, a power reset at the client side), I have misc.
behaviour of the openswan server when using Windows XP and openswan as
ipsec clients.

When using Windows XP I never get the message "cannot install eroute --
it is in use for ...", instead I have a dead tunnel spi and a %trap eroute.
I can reconnect the tunnel after that and then I have 4 spi records and a
regular eroute; after regular termination of the new tunnel I get a %hold
eroute and 2 old spi records. I guess they will expire in the near future
and I'll have a clean system.

When using openswan as client I always get the message "cannot install
eroute -- it is in use for ...". Here I have to wait for expiration of the
spi to reconnect the tunnel successfully. DPD is disabled while testing.

Why such misc. behaviours? Is it possible to re-use the eroute when using
openswan as client?




Regards
Djordje


On 3/13/07, Paul Wouters <paul at xelerance.com> wrote:
>
> On Tue, 13 Mar 2007, Djordje Zekovic wrote:
>
> > Failed to read a valid object file image from memory.
> > Core was generated by `/usr/libexec/ipsec/pluto --nofork --secretsfile /etc/ipsec.secrets --ipsecdir /'.
> > Program terminated with signal 11, Segmentation fault.
> > #0  0x0806ebc8 in route_and_eroute (c=0xa0d5118, sr=0xa0d515c, st=0xa0d6878) at kernel.c:2532
> > 2532                    if (esr->eroute_owner == SOS_NOBODY)
> > #0  0x0806ebc8 in route_and_eroute (c=0xa0d5118, sr=0xa0d515c, st=0xa0d6878) at kernel.c:2532
> > #1  0x0806efad in install_ipsec_sa (st=0xa0d6878, inbound_also=0) at kernel.c:2613
> > #2  0x08067de1 in quick_inI2 (md=0xa0d2ed0) at ikev1_quick.c:2132
> > #3  0x0807807c in process_packet (mdp=0x80ea068) at demux.c:2352
> > #4  0x080788cf in comm_handle (ifp=0xa0d0cf8) at demux.c:1223
> > #5  0x0805c2d8 in call_server () at server.c:1166
> > #6  0x0805a4db in main (argc=1549747535, argv=0x7d6a6750) at plutomain.c:787
>
> Thanks, that was somewhat helpful. Can you repeat it with
> plutodebug=controlmore ?
> That should give us some more information leading up to the crash.
> Also, a dump of all the variables in gdb would help as well, or at least a
> print of esr.
>
> Is this using 2.6.19 or 2.6.20? KLIPS or NETKEY?
>
> > /var/log/secure:
> >
> > Mar 13 05:40:46 vpn1 pluto[16901]: ERROR: pfkey write() of SADB_X_DELFLOW message 14 for flow int.0 at 0.0.0.0 failed. Errno 14: Bad address
> > Mar 13 05:40:55 vpn1 pluto[16901]: packet from xxx.xxx.xxx.xxx:44: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
> > Mar 13 05:40:55 vpn1 pluto[16901]: packet from xxx.xxx.xxx.xxx:44: ignoring Vendor ID payload [FRAGMENTATION]
> > Mar 13 05:40:55 vpn1 pluto[16901]: packet from xxx.xxx.xxx.xxx:44: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
> > Mar 13 05:40:55 vpn1 pluto[16901]: packet from xxx.xxx.xxx.xxx:44: ignoring Vendor ID payload [Vid-Initial-Contact]
> > Mar 13 05:40:55 vpn1 pluto[16901]: "l2tp-transport"[2] xxx.xxx.xxx.xxx#5: responding to Main Mode from unknown peer xxx.xxx.xxx.xxx
> > Mar 13 05:40:55 vpn1 pluto[16901]: "l2tp-transport"[2] xxx.xxx.xxx.xxx#5: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
> > Mar 13 05:40:55 vpn1 pluto[16901]: "l2tp-transport"[2] xxx.xxx.xxx.xxx#5: STATE_MAIN_R1: sent MR1, expecting MI2
> > Mar 13 05:40:55 vpn1 pluto[16901]: "l2tp-transport"[2] xxx.xxx.xxx.xxx#5: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer is NATed
> > Mar 13 05:40:55 vpn1 pluto[16901]: "l2tp-transport"[2] xxx.xxx.xxx.xxx#5: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> > Mar 13 05:40:55 vpn1 pluto[16901]: "l2tp-transport"[2] xxx.xxx.xxx.xxx#5: STATE_MAIN_R2: sent MR2, expecting MI3
> > Mar 13 05:40:56 vpn1 pluto[16901]: "l2tp-transport"[2] xxx.xxx.xxx.xxx#5: Main mode peer ID is ID_DER_ASN1_DN: '*******'
> > Mar 13 05:40:56 vpn1 pluto[16901]: "l2tp-transport"[2] xxx.xxx.xxx.xxx#5: I am sending my cert
> > Mar 13 05:40:56 vpn1 pluto[16901]: "l2tp-transport"[2] xxx.xxx.xxx.xxx#5: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
> > Mar 13 05:40:56 vpn1 pluto[16901]: | NAT-T: new mapping xxx.xxx.xxx.xxx /1558)
> > Mar 13 05:40:56 vpn1 pluto[16901]: "l2tp-transport"[2] xxx.xxx.xxx.xxx#5: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
> > Mar 13 05:40:56 vpn1 pluto[16901]: "l2tp-transport"[2] xxx.xxx.xxx.xxx#6: responding to Quick Mode {msgid:c366edd3}
> > Mar 13 05:40:56 vpn1 pluto[16901]: "l2tp-transport"[2] xxx.xxx.xxx.xxx#6: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
> > Mar 13 05:40:56 vpn1 pluto[16901]: "l2tp-transport"[2] xxx.xxx.xxx.xxx#6: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
> > Mar 13 05:41:07 vpn1 ipsec__plutorun: Restarting Pluto subsystem...
> >
> >
> >
> >
> > /var/log/messages:
> >
> > Mar 13 02:45:51 vpn1 ipsec_setup: Restarting Openswan IPsec 2.4.8rc1...
> > Mar 13 05:40:56 vpn1 ipsec__plutorun: /usr/lib/ipsec/_plutorun: line 237: 16901 Segmentation fault      (core dumped) /usr/libexec/ipsec/pluto --nofork --secretsfile /etc/ipsec.secrets --ipsecdir /etc/ipsec
> > Mar 13 05:40:56 vpn1 ipsec__plutorun: !pluto failure!:  exited with error status 139 (signal 11)
> > Mar 13 05:40:56 vpn1 ipsec__plutorun: restarting IPsec after pause...
> >
> >
> > On 3/13/07, Paul Wouters <paul at xelerance.com> wrote:
> > >
> > > On Tue, 13 Mar 2007, Djordje Zekovic wrote:
> > >
> > > > I have also pluto segmentation fault with 2.4.7 version.
> > > > Bug segm.fault still there using 2.4.8rc1 version.
> > > >
> > > > I can repeat bug any time: I am connected using Windows XP IPSEC/l2tp
> > > > Client, then I disable local area network, after enabling it again I
> > > > re-connect to VPN server, and wholaaa - segm. fault. I should receive
> > > > message "Cannot eroute"
> > > >
> > > > Here is dump:
> > >
> > > > GNU gdb Red Hat Linux (6.5-15.fc6rh)
> > >
> > > > warning: Can't read pathname for load map: Input/output error.
> > > > Reading symbols from /usr/lib/sse2/libgmp.so.3...done.
> > > > Loaded symbols for /usr/lib/sse2/libgmp.so.3
> > > > Reading symbols from /lib/libresolv.so.2...done.
> > > > Loaded symbols for /lib/libresolv.so.2
> > > > Reading symbols from /lib/libc.so.6...done.
> > > > Loaded symbols for /lib/libc.so.6
> > > > Reading symbols from /lib/ld-linux.so.2...done.
> > > > Loaded symbols for /lib/ld-linux.so.2
> > > > Failed to read a valid object file image from memory.
> > > > Core was generated by `/usr/libexec/ipsec/pluto --nofork --secretsfile /etc/ipsec.secrets --ipsecdir /'.
> > > > Program terminated with signal 11, Segmentation fault.
> > > > #0  0x0806ebc8 in route_and_eroute (c=0x8145108, sr=0x814514c, st=0x8145b40) at kernel.c:2532
> > > > 2532    kernel.c: No such file or directory.
> > > >        in kernel.c
> > > > (gdb)
> > >
> > > Please run it so that gdb has access to the source, then give us a
> > > backtrace and a dump of the variables involved.
> > >
> > > Thanks,
> > >
> > > Paul
> > >
> >
>
> --
> Building and integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
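
A log check for the pattern reported in this thread, as an added example (not part of the original post and not Openswan code): it ties each pluto segfault or restart in syslog to a preceding `esr:{(nil)}` debug line and a non-zero updown exit status for the same pid. The sample input is the log lines quoted above, merged from /var/log/secure and /var/log/messages with mail wrapping rejoined; the function and field names are this example's own.

```python
import re

# Log lines quoted in this thread (secure + messages merged, mail wrapping
# rejoined), used as sample input.
SAMPLE = """\
pluto[30225]: | route_and_eroute with c: l2tp-transport (next: none) ero:l2tp-transport esr:{(nil)} ro:l2tp-transport rosr:{(nil)} and state: 8
pluto[30225]: "l2tp-transport"[4] xxx.xxx.xxx.xxx #8: up-host command exited with status 10
ipsec__plutorun: Restarting Pluto subsystem...
Mar 13 05:40:56 vpn1 pluto[16901]: "l2tp-transport"[2] xxx.xxx.xxx.xxx#6: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Mar 13 05:40:56 vpn1 ipsec__plutorun: /usr/lib/ipsec/_plutorun: line 237: 16901 Segmentation fault      (core dumped) /usr/libexec/ipsec/pluto --nofork --secretsfile /etc/ipsec.secrets --ipsecdir /etc/ipsec
Mar 13 05:41:07 vpn1 ipsec__plutorun: Restarting Pluto subsystem...
"""

PLUTO = re.compile(r'pluto\[(\d+)\]: (.*)')
NULL_ESR = re.compile(r'\besr:\{\(nil\)\}')
UPDOWN = re.compile(r'"([^"]+)"\[\d+\] .*?: (\S+) command exited with status (\d+)')
SEGV = re.compile(r'ipsec__plutorun: .*?\b(\d+) Segmentation fault')
RESTART = 'ipsec__plutorun: Restarting Pluto subsystem'

def find_pluto_crashes(lines):
    """Return one record per pluto crash/restart with the context seen before it."""
    ctx, last_pid, events = {}, None, []

    def report(pid, marker):
        seen = ctx.pop(pid, {})
        events.append({"pid": pid, "marker": marker,
                       "null_esr": seen.get("null_esr", False),
                       "updown": seen.get("updown")})

    for line in lines:
        m = PLUTO.search(line)
        if m:
            last_pid = int(m.group(1))
            seen = ctx.setdefault(last_pid, {})
            if NULL_ESR.search(m.group(2)):
                seen["null_esr"] = True      # debug line logged a NULL esr
            u = UPDOWN.search(m.group(2))
            if u and int(u.group(3)) > 0:    # (connection, verb, exit status)
                seen["updown"] = (u.group(1), u.group(2), int(u.group(3)))
            continue
        s = SEGV.search(line)
        if s:
            report(int(s.group(1)), "segfault")
            last_pid = None                  # later restart line is the same crash
        elif RESTART in line and last_pid is not None:
            report(last_pid, "restart")      # restart line carries no pid
            last_pid = None
    return events

if __name__ == "__main__":
    print(find_pluto_crashes(SAMPLE.splitlines()))
```

The `esr:{(nil)}` debug line only appears when pluto debugging is enabled, so `null_esr` stays false for crashes logged without it, as with pid 16901 in the sample.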