[Swan-dev] Crash with libreswan-git 24/10 (fwd)

Paul Wouters paul at nohats.ca
Sun Oct 26 23:49:09 EET 2014


FYI

---------- Forwarded message ----------
Date: Sun, 26 Oct 2014 17:03:23
From: Reuben Farrelly <reuben-libreswan at reub.net>
To: Paul Wouters <paul at nohats.ca>
Subject: Re: Crash with libreswan-git 24/10 (fwd)

On 27/10/2014 7:14 AM, Paul Wouters wrote:
> On Fri, 24 Oct 2014, Reuben Farrelly wrote:
> 
>> I've still got the core dump if you need me to run anything else from
>> it..
> 
> Do you have right=%any and dpdaction=restart? Or some other parameter
> that would cause "wildcards" on the connection? Like using an id with
> "*" or using ikev2 narrowing=yes?

Yes - I had right=%any and dpdaction=restart (both left and right id were 
specified and haven't got ikev2 narrowing set).

>>> #0  0x000000000040f39d in restart_connections_by_peer (c=0xac7a78)
> 
> That code seems to not handle instantiations properly.
> 
> If this is the server end, use rekey=no and dpdaction=clear.
> 
> We're looking at fixing this bug, but one of the fixes would be to
> disallow dpdaction=restart when there is right=%any.

I had commented out dpdaction= the other day after I got your email suggesting 
that dpdaction was related to the problem, and things have stabilised 
significantly since then.  I've now changed the config to use rekey=no and 
dpdaction=clear so will see how that goes.

Thanks,
Reuben



More information about the Swan-dev mailing list