[Swan] Libreswan 3.27 segfault
Paul Wouters
paul at nohats.ca
Mon Dec 3 14:40:19 UTC 2018
On Thu, 29 Nov 2018, csszep wrote:
> I have a longstanding problem w libreswan. See github issue #169
>
> Can anyone help identify the problem?
>
> The crash happened daily (SA delete? rekey?), and after 4-5 crashes it works again.
>
> The last few messages, before every crash:
>
>
> 2018-11-28T10:43:15+01:00 firewall1 pluto[16834]: "customer2" #701: received Delete SA(0xb6ca75dc) payload: deleting IPSEC State #702
> 2018-11-28T10:43:15+01:00 firewall1 pluto[16834]: "customer2" #702: deleting other state #702 (STATE_QUICK_R2) and sending notification
> 2018-11-28T10:43:15+01:00 firewall1 pluto[16834]: "customer2" #702: ESP traffic information: in=1MB out=248KB
> 2018-11-28T10:43:15+01:00 firewall1 pluto[16834]: "customer2 #701: deleting state (STATE_MAIN_R3) and sending notification
> 2018-11-28T10:40:23+01:00 firewall1 kernel: traps: pluto[16834] general protection ip:7f71e05e212b sp:7ffcd12c9180 error:0 in pluto[7f71e0587000+154000]
>
> The connection "customer2" is not the same in every crash, but maybe? all connections that causes the crash come from F5/BIG-IP peer....
Can you try git master? I think this issue is fixed there. This is when
there is a Delete plus an additional notify payload.
A different backport of the same bug is applied for RHEL via https://bugzilla.redhat.com/show_bug.cgi?id=1630355
Paul
More information about the Swan
mailing list