[Swan-dev] Crash with libreswan-git 24/10 (fwd)
Paul Wouters
paul at nohats.ca
Sun Oct 26 23:49:09 EET 2014
FYI
---------- Forwarded message ----------
Date: Sun, 26 Oct 2014 17:03:23
From: Reuben Farrelly <reuben-libreswan at reub.net>
To: Paul Wouters <paul at nohats.ca>
Subject: Re: Crash with libreswan-git 24/10 (fwd)
On 27/10/2014 7:14 AM, Paul Wouters wrote:
> On Fri, 24 Oct 2014, Reuben Farrelly wrote:
>
>> I've still got the core dump if you need me to run anything else from
>> it..
>
> Do you have right=%any and dpdaction=restart? Or some other parameter
> that would cause "wildcards" on the connection? Like using an id with
> "*" or using ikev2 narrowing=yes?
Yes - I had right=%any and dpdaction=restart (both left and right id were
specified and haven't got ikev2 narrowing set).
>>> #0 0x000000000040f39d in restart_connections_by_peer (c=0xac7a78)
>
> That code seems to not handle instantiations properly.
>
> If this is the server end, use rekey=no and dpdaction=clear.
>
> We're looking at fixing this bug, but one of the fixes would be to
> disallow dpdaction=restart when there is right=%any.
I had commented out dpdaction= the other day after I got your email suggesting
that dpdaction was related to the problem, and things have stabilised
significantly since then. I've now changed the config to use rekey=no and
dpdaction=clear so will see how that goes.
Thanks,
Reuben
More information about the Swan-dev
mailing list