[Openswan Users] oakley_alg_makedb() failure explained
Paul Wouters
paul at xelerance.com
Thu Sep 22 16:27:38 EDT 2011
I still need to dive in deeper, but figured I'd bump this to dev@
It looks like oakley_alg_makedb() is trying to make the gsp, but it
remains NULL, and just before the end of the function we try to
call gsp->parentSA = TRUE; and segfault.
This function is not designed to fail with an error condition, and
it seems odd that i cannot make a single proposal. looking at the
corresponding ike/esp values for that conn I see:
aggrmode=yes
auto=add
auth=esp
esp=aes128-sha1-2
ike=des-md5-2
I guess the parser should have failed on this?
Bastian: I assume you meant "2" as in DiffieHellman group 2? That would be:
esp=aes128-sha1;modp1024
ike=des-md5;modp1024
Then I also noticed you wrote "des" and not "3des", which I think is the real
reason for the crasher, as we no longer support single des, and that entry
should not make it into the loaded proposal. You mean:
esp=aes128-sha1;modp1024
ike=3des-md5;modp1024
I confirmed using hte modp syntax with single des causes the crash.
I'll try and fix it before we release 2.6.36
Paul
---------- Forwarded message ----------
Date: Thu, 22 Sep 2011 20:38:51 +0200
From: Bastian Lemke <bastian.lemke at gmail.com>
Cc: users at openswan.org
To: Paul Wouters <paul at xelerance.com>
Subject: Re: [Openswan Users] ipsec__plutorun: Segmentation fault
Dear Paul,
I downloaded the openswan sources from openswan.org and modified Makefile.inc:
USE_LEAK_DETECTIVE=true
USERCOMPILE=-g -O0 -m64 ${WERROR} $(GCC_LINT)
That's the new backtrace:
#0 0x000000000046055c in oakley_alg_makedb (ai=0x1cbd848, base=0x6f9508,
maxtrans=2) at
/home/lemke/Downloads/openswan/openswan-2.6.35/programs/pluto/spdb_struct.c:316
gsp = 0x0
emp_sp = 0x0
ike_info = 0x1cbd898
ealg = 1
halg = 1
modp = 2
eklen = 0
last_modp = 0
wrong_modp = 0
enc_desc = 0x1cc1550
transcnt = 0
i = -1
#1 0x000000000046291b in init_am_st_oakley (st=0x1cc0de8, policy=2181628005)
at
/home/lemke/Downloads/openswan/openswan-2.6.35/programs/pluto/spdb_v1_struct.c:1315
ta = {encrypt = 0, enckeylen = 0, prf_hash = 0, integ_hash = 0, auth =
0, xauth = 0, groupnum = 0, life_seconds = 3600, life_kilobytes = 1000000,
encrypter = 0x0, prf_hasher = 0x0, integ_hasher = 0x0, group = 0x0, ei = 0x0}
enc = 0x0
hash = 0x1cc10f8
auth = 0x1cc03e8
grp = 0x3ce92e19c
trans = 0x4037c0
prop = 0x7fffce92e1a0
cprop = 0x41501a
sa = 0x6f9508
revised_sadb = 0x7fffce92e1a0
c = 0x1cbe088
policy_index = 9
#2 0x00000000004740dc in aggr_outI1 (whack_sock=19, c=0x1cbe088,
predecessor=0x0, policy=2181628005, try=1, importance=pcim_demand_crypto) at
/home/lemke/Downloads/openswan/openswan-2.6.35/programs/pluto/ikev1_aggr.c:1025
st = 0x1cc0de8
sr = 0x0
__FUNCTION__ = <error reading variable __FUNCTION__ (Cannot access
memory at address 0x4cae60)>
#3 0x00000000004211da in ipsecdoi_initiate (whack_sock=19, c=0x1cbe088,
policy=2181628005, try=1, replacing=0, importance=pcim_demand_crypto) at
/home/lemke/Downloads/openswan/openswan-2.6.35/programs/pluto/ipsec_doi.c:356
initiator = 0x473f83 <aggr_outI1>
st = 0x0
#4 0x000000000040c99d in initiate_a_connection (c=0x1cbe088,
arg=0x7fffce92e2e0) at
/home/lemke/Downloads/openswan/openswan-2.6.35/programs/pluto/initiate.c:225
is = 0x7fffce92e2e0
whackfd = 19
moredebug = 0
importance = pcim_demand_crypto
success = 0
#5 0x000000000040ca1c in initiate_connection (name=0x7fffce931050 "fcp",
whackfd=18, moredebug=0, importance=pcim_demand_crypto) at
/home/lemke/Downloads/openswan/openswan-2.6.35/programs/pluto/initiate.c:250
is = {whackfd = 18, moredebug = 0, importance = pcim_demand_crypto}
c = 0x1cbe088
count = 32653
#6 0x0000000000451f88 in whack_process (whackfd=10, msg=...) at
/home/lemke/Downloads/openswan/openswan-2.6.35/programs/pluto/rcv_whack.c:622
oco = 0x7014c0
#7 0x0000000000452391 in whack_handle (whackctlfd=5) at
/home/lemke/Downloads/openswan/openswan-2.6.35/programs/pluto/rcv_whack.c:752
msg = {magic = 1869114150, whack_status = 0, whack_shutdown = 0,
name_len = 0, name = 0x7fffce931050 "fcp", whack_options = 0, debugging = 0,
whack_connection = 0, whack_async = 0, policy = 0, sa_ike_life_seconds = 3600,
sa_ipsec_life_seconds = 28800, sa_rekey_margin = 540, sa_rekey_fuzz =
100, sa_keying_tries = 0, dpd_delay = 0, dpd_timeout = 0, dpd_action =
DPD_ACTION_CLEAR, dpd_count = 0, remotepeertype = NON_CISCO, forceencaps = 0,
nmconfigured = NO, connmtu = 0, left = {id = 0x0, cert = 0x0, ca =
0x0, groups = 0x0, host_type = KH_NOTSET, host_addr = {u = {v4 = {sin_family =
0, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family
= 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 =
'\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0},
__u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
host_nexthop = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr =
0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0,
sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u =
{__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0,
0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, host_srcip = {u = {v4 =
{
sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port =
0, sin6_flowinfo = 0, sin6_addr = {__in6_u = {
__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0,
0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
client = {addr = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {
s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"},
v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u =
{__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0,
0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id =
0}}}, maskbits = 0}, key_from_DNS_on_demand = 0, has_client = 0,
has_client_wildcard = 0, has_port_wildcard = 0, updown = 0x0, host_port = 0,
port = 0,
protocol = 0 '\000', virt = 0x0, xauth_server = 0, xauth_client =
0, xauth_name = 0x0, modecfg_server = 0, modecfg_client = 0, tundev = 0,
sendcert = 0, certtype = CERT_NONE, host_addr_name = 0x0}, right = {id = 0x0,
cert = 0x0, ca = 0x0, groups = 0x0, host_type = KH_NOTSET,
host_addr = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port =
0,
sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 =
'\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32
= {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, host_nexthop = {u = {v4 = {sin_family =
0,
sin_port = 0, sin_addr = {s_addr = 0}, sin_zero =
"\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0,
sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 = '\000' <repeats 15
times>,
__u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0,
0, 0, 0}}}, sin6_scope_id = 0}}}, host_srcip = {u = {v4 = {sin_family = 0,
sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family
= 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 =
'\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0},
__u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
client = {addr = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr =
0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0,
sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u =
{__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0,
0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, maskbits = 0},
key_from_DNS_on_demand = 0, has_client = 0, has_client_wildcard =
0, has_port_wildcard = 0, updown = 0x0, host_port = 500, port = 0, protocol = 0
'\000', virt = 0x0, xauth_server = 0, xauth_client = 0, xauth_name = 0x0,
modecfg_server = 0, modecfg_client = 0, tundev = 0, sendcert = 0,
certtype = CERT_NONE, host_addr_name = 0x0}, addr_family = 2,
tunnel_addr_family = 2, ike = 0x0, pfsgroup = 0x0, esp = 0x0, whack_key = 0,
whack_addkey = 0,
keyid = 0x0, pubkey_alg = 0, keyval = {ptr = 0x7fffce93106e "", len =
0}, whack_myid = 0, myid = 0x0, whack_route = 0, whack_unroute = 0,
whack_initiate = 1, whack_oppo_initiate = 0, oppo_my_client = {u = {v4 = {
sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero
= "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0,
sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 = '\000' <repeats 15
times>,
__u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0,
0, 0, 0}}}, sin6_scope_id = 0}}}, oppo_peer_client = {u = {v4 = {sin_family =
0, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family =
0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 =
'\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32
= {
0, 0, 0, 0}}}, sin6_scope_id = 0}}}, whack_terminate = 0,
whack_delete = 0, whack_deletestate = 0, whack_deletestateno = 0, whack_listen
= 0, whack_unlisten = 0, whack_crash = 0, whack_crash_peer = {u = {v4 = {
sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero
= "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0,
sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 = '\000' <repeats 15
times>,
__u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0,
0, 0, 0}}}, sin6_scope_id = 0}}}, whack_utc = 0, whack_list = 0,
whack_purgeocsp = 0, whack_reread = 0 '\000', tpmeval = 0x0, connalias = 0x0,
modecfg_dns1 = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr =
{s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family =
0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = {
__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0,
0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
modecfg_dns2 = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr =
0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family =
0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 =
'\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32
= {
0, 0, 0, 0}}}, sin6_scope_id = 0}}}, modecfg_wins1 = {u =
{v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero =
"\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0,
sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 = '\000'
<repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0,
0, 0, 0}}}, sin6_scope_id = 0}}}, modecfg_wins2 = {u = {v4 = {sin_family = 0,
sin_port = 0, sin_addr = {s_addr = 0}, sin_zero =
"\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0,
sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 = '\000' <repeats 15
times>, __u6_addr16 = {
0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}},
sin6_scope_id = 0}}}, metric = 0, dnshostname = 0x0, opt_set =
WHACK_ADJUSTOPTIONS, string1 = 0x0, string2 = 0x0, string3 = 0x0, str_size = 0,
string = "fcp", '\000' <repeats 4092 times>}
msg_saved = {magic = 1869114150, whack_status = 0, whack_shutdown = 0,
name_len = 0, name = 0x0, whack_options = 0, debugging = 0, whack_connection =
0, whack_async = 0, policy = 0, sa_ike_life_seconds = 3600,
sa_ipsec_life_seconds = 28800, sa_rekey_margin = 540, sa_rekey_fuzz =
100, sa_keying_tries = 0, dpd_delay = 0, dpd_timeout = 0, dpd_action =
DPD_ACTION_CLEAR, dpd_count = 0, remotepeertype = NON_CISCO, forceencaps = 0,
nmconfigured = NO, connmtu = 0, left = {id = 0x0, cert = 0x0, ca =
0x0, groups = 0x0, host_type = KH_NOTSET, host_addr = {u = {v4 = {sin_family =
0, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family
= 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 =
'\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0},
__u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
host_nexthop = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr =
0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0,
sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u =
{__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0,
0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, host_srcip = {u = {v4 =
{
sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port =
0, sin6_flowinfo = 0, sin6_addr = {__in6_u = {
__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0,
0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
client = {addr = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {
s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"},
v6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u =
{__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0,
0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id =
0}}}, maskbits = 0}, key_from_DNS_on_demand = 0, has_client = 0,
has_client_wildcard = 0, has_port_wildcard = 0, updown = 0x0, host_port = 0,
port = 0,
protocol = 0 '\000', virt = 0x0, xauth_server = 0, xauth_client =
0, xauth_name = 0x0, modecfg_server = 0, modecfg_client = 0, tundev = 0,
sendcert = 0, certtype = CERT_NONE, host_addr_name = 0x0}, right = {id = 0x0,
cert = 0x0, ca = 0x0, groups = 0x0, host_type = KH_NOTSET,
host_addr = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port =
0,
sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 =
'\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32
= {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, host_nexthop = {u = {v4 = {sin_family =
0,
sin_port = 0, sin_addr = {s_addr = 0}, sin_zero =
"\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0,
sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 = '\000' <repeats 15
times>,
__u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0,
0, 0, 0}}}, sin6_scope_id = 0}}}, host_srcip = {u = {v4 = {sin_family = 0,
sin_port = 0, sin_addr = {s_addr = 0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family
= 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 =
'\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0},
__u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
client = {addr = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr =
0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0,
sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u =
{__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0,
0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}}, maskbits = 0},
key_from_DNS_on_demand = 0, has_client = 0, has_client_wildcard =
0, has_port_wildcard = 0, updown = 0x0, host_port = 500, port = 0, protocol = 0
'\000', virt = 0x0, xauth_server = 0, xauth_client = 0, xauth_name = 0x0,
modecfg_server = 0, modecfg_client = 0, tundev = 0, sendcert = 0,
certtype = CERT_NONE, host_addr_name = 0x0}, addr_family = 2,
tunnel_addr_family = 2, ike = 0x0, pfsgroup = 0x0, esp = 0x0, whack_key = 0,
whack_addkey = 0,
keyid = 0x0, pubkey_alg = 0, keyval = {ptr = 0x0, len = 0},
whack_myid = 0, myid = 0x0, whack_route = 0, whack_unroute = 0, whack_initiate
= 1, whack_oppo_initiate = 0, oppo_my_client = {u = {v4 = {sin_family = 0,
sin_port = 0, sin_addr = {s_addr = 0}, sin_zero =
"\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0,
sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 = '\000' <repeats 15
times>, __u6_addr16 = {
0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}},
sin6_scope_id = 0}}}, oppo_peer_client = {u = {v4 = {sin_family = 0, sin_port =
0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {
sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr =
{__in6_u = {__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0,
0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
whack_terminate = 0, whack_delete = 0, whack_deletestate = 0,
whack_deletestateno = 0, whack_listen = 0, whack_unlisten = 0, whack_crash = 0,
whack_crash_peer = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {
s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 =
{sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u =
{__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0,
0},
__u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
whack_utc = 0, whack_list = 0, whack_purgeocsp = 0, whack_reread = 0 '\000',
tpmeval = 0x0, connalias = 0x0, modecfg_dns1 = {u = {v4 = {sin_family = 0,
sin_port = 0, sin_addr = {s_addr = 0}, sin_zero =
"\000\000\000\000\000\000\000"}, v6 = {sin6_family = 0, sin6_port = 0,
sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 = '\000' <repeats 15
times>, __u6_addr16 = {
0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}},
sin6_scope_id = 0}}}, modecfg_dns2 = {u = {v4 = {sin_family = 0, sin_port = 0,
sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {
sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr =
{__in6_u = {__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0,
0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
modecfg_wins1 = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr =
{s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family =
0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = {
__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0,
0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}},
modecfg_wins2 = {u = {v4 = {sin_family = 0, sin_port = 0, sin_addr = {s_addr =
0},
sin_zero = "\000\000\000\000\000\000\000"}, v6 = {sin6_family =
0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = {__u6_addr8 =
'\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32
= {
0, 0, 0, 0}}}, sin6_scope_id = 0}}}, metric = 0,
dnshostname = 0x0, opt_set = WHACK_ADJUSTOPTIONS, string1 = 0x0, string2 = 0x0,
string3 = 0x0, str_size = 0, string = "fcp", '\000' <repeats 4092 times>}
whackaddr = {sun_family = 1,
sun_path = "N", '\000' <repeats 13 times>"\300,
TN\000\000\000\000\000<\000\000\000\000\000\000\000\240
\223\316\377\177\000\000\371\300H\000\000\000\000\000\017\000\000\000\000\000\000\000\300TN",
'\000' <repeats 13 times>, "+TN\000\000\000\000\000\320
\223\316\377\177\000\000\340$\223\316\377\177\000\000X\327\313\001\000\000\000\000\001|{N\001"}
whackaddrlen = 2
whackfd = 10
n = 1086
#8 0x000000000041ce90 in call_server () at
/home/lemke/Downloads/openswan/openswan-2.6.35/programs/pluto/server.c:775
readfds = {__osfds_bits = {32, 0 <repeats 127 times>}}
writefds = {__osfds_bits = {0 <repeats 128 times>}}
ndes = 1
ifp = 0x0
#9 0x0000000000419c92 in main (argc=28, argv=0x7fffce932bc8) at
/home/lemke/Downloads/openswan/openswan-2.6.35/programs/pluto/plutomain.c:1055
fork_desired = 0
lockfd = 4
ocspuri = 0x0
nhelpers = -1
coredir = 0x0
oco = 0x7014c0
nat_traversal = 1
nat_t_spf = 1
keep_alive = 0
force_keepalive = 0
virtual_private = 0x7fffce934ab4
"%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12"
Regards,
Bastian
Am 22.09.2011 08:48, schrieb Bastian Lemke:
> Dear Paul,
>
> Am 20.09.2011 15:51, schrieb Paul Wouters:
>>> #0 oakley_alg_makedb (ai=0x7faa572461c0, base=0x0, maxtrans=0)
>>> at
>>> /vol/openswan-debs/openswan-2.6.35dr1/programs/pluto/spdb_struct.c:316
>>> gsp = 0x0
>>> emp_sp = 0x0
>>> ike_info = 0x7b6878
>>> ealg = 1
>>> halg = 1
>>> modp = 0
>>> eklen = 0
>>> last_modp = 0
>>> wrong_modp = 0
>>> transcnt = 0
>>> i = 0
>> (gdb) bt full
>>
>> That's in AH mode? Are you really trying a connection with ah= parameters?
>> If so,
>> why? I recommend using esp=null if you really want no encryption.
> No, I'm not setting ah= parameters. I don't even know this parameter :-) And
> I don't want to establish an unencrypted connection.
> I'm not a VPN specialist and have only rudimentary knowledge about the VPN
> technology. I only tried to connect to my firewall at work (which works with
> OS X and IPSecuritas quite easily) from ubuntu.
>
>>
>> If you're not using ah, then things are really weird, and you might need to
>> recompile without -O2 for gdb to make more sense.
>>
>> Paul
>
> I'll try to recompile openswan this evening to provide you a more useful
> stacktrace...
>
> Regards,
> Bastian
More information about the Users
mailing list