[Swan-dev] Pluto crash with expired certificates

Wolfgang Nothdurft wolfgang at linogate.de
Thu Feb 5 18:26:23 EET 2015


With commit aac20299b27be6c401cb5d45262a559994e52431 a bug was 
introduced that causes pluto to crash if an end user certificate is expired.

Feb  5 17:03:10 master pluto[14892]:   X.509 certificate expired at Dec 
16 09:39:54 UTC 2013 (it is now Feb 05 16:03:10 UTC 2015)
Feb  5 17:03:10 master ipsec_starter[14894]: connect(pluto_ctl) failed: 
Connection refused
Feb  5 17:03:10 master ipsec_starter[14894]: connect(pluto_ctl) failed: 
Connection refused
Feb  5 17:03:10 master ipsec_starter[14894]: connect(pluto_ctl) failed: 
Connection refused
Feb  5 17:03:10 master ipsec__plutorun: !pluto failure!:  exited with 
error status 139 (signal 11)

The attached patch added the missing return false statement to fix this 
problem.

Regards
Wolfgang
-------------- next part --------------
A non-text attachment was scrubbed...
Name: libreswan-3.12-expired_certfix.patch
Type: text/x-patch
Size: 405 bytes
Desc: not available
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20150205/b7724aeb/attachment.bin>


More information about the Swan-dev mailing list