[Openswan Users] Openswan 2.6.50 programs segfault (kernel 2.6.39) with cross compile
Brian Tuchten
brian.tuchten at redlion.net
Thu Oct 5 18:28:25 EDT 2017
> Cross compiling for arm/eldk Openswan 2.6.50 with Kernel 2.6.39, every exe
> segfaults. Core files wiith gdb give me no useful information
Disregard compile issue. After changing these vars in Makefile.inc to
USERCOMPILE=-g -O3 ${WERROR} $(GCC_LINT)
KLIPSCOMPILE=-O3 -DCONFIG_KLIPS_ALG -DDISABLE_UDP_CHECKSUM
USERLINK=-Wl,-z,relro
It cross compiles and runs now without a segfault. But pluto segfaults after connecting.
Oct 5 17:24:01 pluto[14698]: "AzureTest1" #1: transition from state STATE_IKEv2_START to state STATE_PARENT_I1
Oct 5 17:24:01 pluto[14698]: "AzureTest1" #1: STATE_PARENT_I1: sent v2I1, expected v2R1 (msgid: 00000000/00000000)
Oct 5 17:24:01 pluto[14698]: "AzureTest1" #2: transition from state STATE_PARENT_I1 to state STATE_PARENT_I2
Oct 5 17:24:01 pluto[14698]: "AzureTest1" #2: STATE_PARENT_I2: sent v2I2, expected v2R2 {auth=IKEv2 oursig= theirsig= cipher=aes_256 integ=sha1_96 prf=oakley_sha group=modp1024} (msgid: 00000000/00000000)
Oct 5 17:24:01 pluto[14698]: packet from 52.176.157.40:500: IKEv2 mode peer ID is ID_IPV4_ADDR: '52.x.x.x
Oct 5 17:24:01 pluto[14698]: | checking TSi(1)/TSr(1) selectors, looking for exact match
Oct 5 17:24:01 pluto[14698]: | printing contents struct traffic_selector
Oct 5 17:24:01 pluto[14698]: | ts_type: IKEv2_TS_IPV4_ADDR_RANGE
Oct 5 17:24:01 pluto[14698]: | ipprotoid: 0
Oct 5 17:24:01 pluto[14698]: | startport: 0
Oct 5 17:24:01 pluto[14698]: | endport: 65535
Oct 5 17:24:01 pluto[14698]: | ip low: 166.130.62.52
Oct 5 17:24:01 pluto[14698]: | ip high: 166.130.62.52
Oct 5 17:24:01 pluto[14698]: | printing contents struct traffic_selector
Oct 5 17:24:01 pluto[14698]: | ts_type: IKEv2_TS_IPV4_ADDR_RANGE
Oct 5 17:24:01 pluto[14698]: | ipprotoid: 0
Oct 5 17:24:01 pluto[14698]: | startport: 0
Oct 5 17:24:01 pluto[14698]: | endport: 65535
Oct 5 17:24:01 pluto[14698]: | ip low: 52.176.157.40
Oct 5 17:24:01 pluto[14698]: | ip high: 52.176.157.40
Oct 5 17:24:01 pluto[14707]: pluto_crypto_helper: helper [nonnss] (0) is exiting normally
Oct 5 17:24:01 ipsec__plutorun: /usr/local/lib/ipsec/_plutorun: line 257: 14698 Segmentation fault /usr/local/lib/ipsec/pluto --nofork --secretsfile /etc/ipsec/ipsec.secrets --ipsecdir /etc/ipsec/ipsec.d --use-auto --uniqueids --nhelpers -1 --secctx_attr_value 32001
Oct 5 17:24:01 ipsec__plutorun: !pluto failure!: exited with error status 139 (signal 11)
I had this same problem in 2.6.49 , and was asked to comment out nhelpers= which fixed the segfault in 2.6.49, but does not help this time. Config looks like this
conn AzureTest1
type=tunnel
keylife=60m
ikelifetime=480m
authby=secret
auth=esp
ikev2=insist
esp=aes256-sha1
ike=aes256-sha1-modp1024
dpdaction=restart
dpddelay=30
dpdtimeout=60
auto=start
pfs=no
aggrmode=no
keyingtries=%forever
left=%defaultroute
right=52.x.x.x
-Brian
More information about the Users
mailing list