[Swan] Libreswan 3.27 segfault

Paul Wouters paul at nohats.ca
Fri Feb 1 23:12:22 UTC 2019 

On Fri, 11 Jan 2019, csszep wrote:

> Still crashing with Libreswan master from 10 jan.

We finally found the core issue of this problem. It has been fixed and
will be in the next release 3.28. You can test with current git master.

https://github.com/libreswan/libreswan/commit/f614a9fca6c7512166367ddb651781ff411989b7

Paul


> I updating the github issue #169 with new gdb backtrace.
> 
> The RHEL bugzilla enry is not accessible with regular RH account.
> 
> Thx Csszep
> 
> csszep <csszep at gmail.com> ezt írta (időpont: 2018. dec. 4., K, 9:23):
>       Hi Paul!
> 
> Thx for the Answer. I will try and report. Unfortunately the crash now happens ony once or twice a week....
> 
> Paul Wouters <paul at nohats.ca> ezt írta (időpont: 2018. dec. 3., H, 15:40):
>       On Thu, 29 Nov 2018, csszep wrote:
>
>       > I have a longstanding problem w libreswan. See github issue #169
>       >
>       > Can anyone help identify the problem?
>       >
>       > The crash happened daily (SA delete? rekey?), and after 4-5 crashes it works again.
>       >
>       > The last few messages, before every  crash:
>       >
>       >
>       > 2018-11-28T10:43:15+01:00 firewall1 pluto[16834]: "customer2" #701: received Delete SA(0xb6ca75dc) payload: deleting IPSEC State #702
>       > 2018-11-28T10:43:15+01:00 firewall1 pluto[16834]: "customer2" #702: deleting other state #702 (STATE_QUICK_R2) and sending notification
>       > 2018-11-28T10:43:15+01:00 firewall1 pluto[16834]: "customer2" #702: ESP traffic information: in=1MB out=248KB
>       > 2018-11-28T10:43:15+01:00 firewall1 pluto[16834]: "customer2 #701: deleting state (STATE_MAIN_R3) and sending notification
>       > 2018-11-28T10:40:23+01:00 firewall1 kernel: traps: pluto[16834] general protection ip:7f71e05e212b sp:7ffcd12c9180 error:0 in pluto[7f71e0587000+154000]
>       >
>       > The connection "customer2" is not the same in every crash, but maybe? all connections that causes the crash come from F5/BIG-IP peer....
>
>       Can you try git master? I think this issue is fixed there. This is when
>       there is a Delete plus an additional notify payload.
>
>       A different backport of the same bug is applied for RHEL via https://bugzilla.redhat.com/show_bug.cgi?id=1630355
>
>       Paul
> 
> 
>

More information about the Swan mailing list