IPSec Segfaults with RSA+Xauth (works fine with PSK+Xauth) on i386 :-/
-
This one is beyond me.. racoon segfaults every time the client sends back the XAUTH_USER_NAME and XAUTH_USER_PASSWORD when using RSA+Xauth. It does a core dump and game over. Everything is fine with PSK+Xauth.
Nov 20 19:52:20 pf racoon: 2012-11-19 20:52:20: DEBUG: Attribute XAUTH_USER_NAME, len 9
Nov 20 19:52:20 pf racoon: 2012-11-19 20:52:20: DEBUG: Attribute XAUTH_USER_PASSWORD, len 14
Nov 20 19:52:20 pf racoon: 2012-11-19 20:52:20: INFO: Using port 0There's nothing useful when running it verbose with -D from the cli either. Anyone else experiencing this?
Running 2.1-BETA0 (i386) from yesterday (same behavior from a September beta fwiw).
-
We've had at least one other report of that, but so far haven't been able to reproduce it here. The other person is actually seeing it crash with PSK+Xauth and not RSA.
-
The other person is actually seeing it crash with PSK+Xauth and not RSA.
+1 for me, just noticed that I have that problem too :(
-
The very latest snapshot should have a fixed racoon binary (hopefully). Worth another try.
-
The very latest snapshot should have a fixed racoon binary (hopefully). Worth another try.
Updated to the latest:
- PSK+Xauth now segfaults
- RSA+Xauth now gets me this far before it segfaults…
2012-11-21 17:35:34: DEBUG: Configuration exchange type mode config REPLY 2012-11-21 17:35:34: DEBUG: Attribute XAUTH_USER_NAME, len 7 2012-11-21 17:35:34: DEBUG: Attribute XAUTH_USER_PASSWORD, len 15 2012-11-21 17:35:34: INFO: Using port 0 2012-11-21 17:35:34: DEBUG: External authentication script starting for user "testing" Segmentation fault: 11 (core dumped) -
Can you retrieve the core file and upload somewhere?
Also can you make sure the /var/etc/ipsec/ipsec.php is there? -
@ermal:
Can you retrieve the core file and upload somewhere?
Also can you make sure the /var/etc/ipsec/ipsec.php is there?Yep, ipsec.php is there, and other configs there look fine to.
Here's my core file: http://files.ivimbu.com/u/?a=d&i=0iu2eGXXFu -
I actually pushed a new fix.
Please try with next snapshot. -
@ermal:
I actually pushed a new fix.
Please try with next snapshot.That fixed it!!! Great job ;-)
