[Openswan Users] endless loop pluto keeps crashing and trying to restart

Brian Gustin brian at daviesinc.com
Mon Mar 10 18:25:27 EDT 2008 

root at tom:~# gdb --core=/tmp/core
GNU gdb 6.7.1-debian
Copyright (C) 2007 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu".
(no debugging symbols found)
Using host libthread_db library "/lib/libthread_db.so.1".
Core was generated by `/usr/lib/ipsec/pluto --nofork --secretsfile 
/etc/ipsec.secrets --ipsecdir /etc/'.
Program terminated with signal 6, Aborted.
#0  0xb7d81f06 in ?? ()
(gdb)

Other info:
I actually got a little bit further- initially I couldnt even get a key 
generated, til I read something about /dev/random, so then I was able to 
generate a new key on this (idle, but production) server, and on another 
terminal just tailed the syslog while it looped.

Also figured out how to kill all the processes so it would stop filling 
up syslog (bit crude, IMO but it worked- /etc/init.d/ipsec stop;killall 
-9 _plutorun; )

The machine that has the problem - this is what I was getting after 
making a kernel module change, so I think it's a little bit closer, but 
still isnt there yet:

Mar 10 14:52:09 tom ipsec__plutorun: !pluto failure!:  exited with error 
status 134 (signal 6)
Mar 10 14:52:09 tom ipsec__plutorun: restarting IPsec after pause...
Mar 10 14:52:19 tom ipsec_setup: ...Openswan IPsec stopped
Mar 10 14:52:19 tom ipsec_setup: Stopping Openswan IPsec...
Mar 10 14:52:19 tom ipsec_setup: Removing orphaned /var/run/pluto/pluto.pid:
Mar 10 14:52:19 tom ipsec_setup: NETKEY on eth0 
66.244.144.232/255.255.255.0 broadcast 66.244.144.255
Mar 10 14:52:19 tom ipsec_setup: ...Openswan IPsec started
Mar 10 14:52:19 tom ipsec_setup: Restarting Openswan IPsec 
U2.4.8/K2.6.24.3...
Mar 10 14:52:20 tom ipsec__plutorun: whack: read() failed (104 
Connection reset by peer)
Mar 10 14:52:20 tom ipsec__plutorun: /usr/lib/ipsec/_plutorun: line 237: 
  4475 Aborted                 (core dumped) /usr/lib/ipsec/pluto 
--nofork --secretsfile /etc/ipsec.secrets --ipsecdir /etc/ipsec.d 
--use-auto --uniqueids --nat_traversal --nhelpers 0
Mar 10 14:52:20 tom ipsec__plutorun: !pluto failure!:  exited with error 
status 134 (signal 6)

Ive tried looking up the connection reset by peer part, and get the 
impression this is caused from the abort , so the last line- exited with 
error status 134 (signal 6)

I havent figured out what that means yet, I'm still reading the source 
code trying to see what generates that status code, hopefully this 
information will help pinpoint the issue or at least get us in the right 
direction..

- Thanks for the help so far.. definitely an interesting challenge :)


Paul Wouters wrote:
> On Mon, 10 Mar 2008, Brian Gustin wrote:
> 
>> Mar 10 12:28:23 tom ipsec__plutorun: restarting IPsec after pause...
> 
>> Linux Openswan U2.4.8/K2.6.24.3 (netkey)
> 
> We have not even looked at 2.6.24 yet. If any XFRM or CryptoAPI code
> changed, that might be the reason.
> 
> Add dumpdir=/tmp to config setup and check the core in /tmp/ with
> gdb to give us more information.
> 
> Paul
> 
> !DSPAM:1,47d5b159322305120455541!
> 
>

More information about the Users mailing list