[Swan] Libreswan 3.29 segfault in ikev2.c ikev2_process_packet()
Alan Szlosek
alan at redoxengine.com
Wed Nov 6 20:30:32 UTC 2019
Sure, here's everything pertaining to those 2 SAs:
Oct 16 16:07:08 ip-172-20-116-172 pluto[4703]: packet from NNNNNNNNNN:4500:
EXPECTATION FAILED: child state #533502 missing parent state #533497 (in
get_ike_sa() at state.c:461)
Oct 16 16:07:08 ip-172-20-116-172 pluto[4703]: "NNNNNNNN/2x3" #533497:
deleting state (STATE_PARENT_R2) aged 4.913s and sending notification
Oct 16 16:07:03 ip-172-20-116-172 pluto[4703]: "NNNNNNNN/1x2" #533502:
STATE_V2_IPSEC_R: IPsec SA established tunnel mode {ESP/NAT=>0xa6587dec
<0xb550a3ae xfrm=NNNNNN NATOA=none NATD=NNNNNNNNNNNN:4500 DPD=active}
Oct 16 16:07:03 ip-172-20-116-172 pluto[4703]: "NNNNNNNN/1x2" #533502:
negotiated connection ...
Oct 16 16:07:03 ip-172-20-116-172 pluto[4703]: "NNNNNNNN/2x3" #533497:
received unsupported NOTIFY v2N_NON_FIRST_FRAGMENTS_ALSO
Oct 16 16:07:03 ip-172-20-116-172 pluto[4703]: "NNNNNNNN/2x3" #533497:
proposal 1:ESP:SPI=a6587dec;ENCR=NNNNNN chosen from remote proposals...
Oct 16 16:07:03 ip-172-20-116-172 pluto[4703]: "NNNNNNNN/2x3" #533497:
Authenticated using authby=secret
Oct 16 16:07:03 ip-172-20-116-172 pluto[4703]: "NNNNNNNN/2x3" #533497:
IKEv2 mode peer ID is ID_IPV4_ADDR: ‘NNNNNN'
Oct 16 16:07:03 ip-172-20-116-172 pluto[4703]: "NNNNNNNN/2x3" #533497:
processing decrypted IKE_AUTH request: SK{V,IDi,AUTH,SA,TSi,TSr,N,N,N}
Oct 16 16:07:03 ip-172-20-116-172 pluto[4703]: "NNNNNNNN/2x3" #533497:
processing encrypted IKE_AUTH request: SK (message arrived 0 seconds ago)
Oct 16 16:07:03 ip-172-20-116-172 pluto[4703]: "NNNNNNNN/2x3" #533497:
STATE_PARENT_R1: received v2I1, sent v2R1 {auth=IKEv2 cipher=NNNNNNNNN}
Oct 16 16:07:03 ip-172-20-116-172 pluto[4703]: "NNNNNNNN/2x3" #533497:
proposal 2:IKE:ENCR=...
Oct 16 16:07:03 ip-172-20-116-172 pluto[4703]: "NNNNNNNN/2x3" #533497:
processing IKE_SA_INIT request: SA,KE,Ni,V,V,N,N,N,V (message arrived 0
seconds ago)
On Wed, Nov 6, 2019 at 2:58 PM Andrew Cagney <andrew.cagney at gmail.com>
wrote:
>
>
> On Wed, 6 Nov 2019 at 13:12, Alan Szlosek <alan at redoxengine.com> wrote:
>
>> Can do ....
>>
>> The parent was indeed deleted.
>>
>> I see this:
>> #533497: received unsupported NOTIFY v2N_NON_FIRST_FRAGMENTS_ALSO
>>
>
> this log message should be changed to ... - ignored
>
> Then 5 seconds later the deletion:
>> #533497: deleting state (STATE_PARENT_R2) aged 4.913s and sending
>> notification
>> Followed immediately by the crash:
>> EXPECTATION FAILED: child state #533502 missing parent state #533497
>> (in get_ike_sa() at state.c:461)
>>
>>
> so why was the IKE SA deleted?
> perhaps post everything relevant; I'd start with <<grep -v -e '#533497' -e
> '#533502'>> with anything sensitive stripped out; but keep an eye out for a
> rekey, history may go back even further
>
>
--
Alan Szlosek
Infrastructure Engineer
redoxengine.com <https://www.redoxengine.com>
<https://www.redoxengine.com/redox-interoperability-summit-2019/?utm_medium=email&utm_source=Email%20Signature%20Banner&utm_campaign=Summit19&utm_content=banner>
[image:
https://www.redoxengine.com/redox-interoperability-summit-2019/?utm_medium=email&utm_source=Email%20Signature%20Banner&utm_campaign=Summit19&utm_content=banner]
<https://www.redoxengine.com/redox-interoperability-summit-2019/?utm_medium=email&utm_source=Email%20Signature%20Banner&utm_campaign=Summit19&utm_content=banner>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20191106/2c69292d/attachment.html>
More information about the Swan
mailing list