[Bug 450517] New: Turnpike: adding phase2 subnet causing protection fault with racoon

https://bugzilla.novell.com/show_bug.cgi?id=450517 Summary: Turnpike: adding phase2 subnet causing protection fault with racoon Product: openSUSE 11.1 Version: RC 1 Platform: x86-64 OS/Version: SuSE Other Status: NEW Severity: Major Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: paca@sci.fi QAContact: qa@suse.de Found By: Community User (This bug almost same as 450364, only with openSuse 11.1) I'm trying to built vpn connection to ipsec-firewall by using vpnlogin. As soon I add phase2 subnet setting to profile racoond dies every time I try to connect, at time when turnpike sends phase2 config to racoond. Dec 1 14:30:26 NAKKHL008 kernel: racoon[5762] general protection ip:7f5437181560 sp:7fff4004c6a8 error:0 in libc-2.9.so[7f5437105000+14f000] Without phase 2 subnet (<networks> entry) phase1 is initialized fine. rpm versions (opensuse 11.1) are: turnpike-0.1.1-244.60 novell-ipsec-tools-0.7.1-2.2 I'm assuming that theres something wrong how turnpike parses phase2 profile file or how it send's profile to racoond. Configuration files and log files are like ### .turnpike/profiles/profile_CONNECTIONTEST.prf <?xml version="1.0"?> <profile name="CONNECTIONTEST"> connectiontest.dyndns.org Standard IPsec gateway <certificate>mycert.pfx</certificate> <policies> <phase1> <proposals> <entry mode="MM" dhgroup="dh2" authmethod="X.509"/> </proposals> </phase1> <phase2> <proposals> <entry pfsgroup="off"/> </proposals> <networks> <entry network="192.168.0.0" mask="255.255.255.0"/> </networks> </phase2> </policies> </profile> ### ~/.turnpike/log.txt 2008-12-01 14:30:22: INFO: Novell VPN Client for Linux GUI Startup .... 2008-12-01 14:30:26: INFO: server_ip_addr = 84.253.213.7 , source_ip = 172.21.89.169 2008-12-01 14:30:26: INFO: Successfully sent message type 305 to admin port 2008-12-01 14:30:26: INFO: peek length = 8, Peeked length = 8 2008-12-01 14:30:26: INFO: Received Length= 8 2008-12-01 14:30:26: INFO: The Received Buffer length is 8 ... 2008-12-01 14:30:26: INFO: Successfully sent message type 303 to admin port 2008-12-01 14:30:26: WARNING: Connection closed. May be server closed this connection! ### /var/sys/messages Dec 1 14:30:26 NAKKHL008 racoon: WARNING: /etc/racoon/racoon.conf:137: "}" b=0, dh_group=1 Dec 1 14:30:26 NAKKHL008 racoon: WARNING: /home/petri/.turnpike/racoon.conf:42: "}" b=0, dh_group=2 Dec 1 14:30:26 NAKKHL008 racoon: WARNING: /home/petri/.turnpike/racoon.conf:42: "}" b=2, dh_group=2 Dec 1 14:30:26 NAKKHL008 racoon: WARNING: /home/petri/.turnpike/racoon.conf:42: "}" b=2, dh_group=2 Dec 1 14:30:26 NAKKHL008 racoon: WARNING: /home/petri/.turnpike/racoon.conf:42: "}" b=2, dh_group=2 Dec 1 14:30:26 NAKKHL008 racoon: NOTIFY: NAT-T is enabled, autoconfiguring ports Dec 1 14:30:26 NAKKHL008 kernel: racoon[5762] general protection ip:7f5437181560 sp:7fff4004c6a8 error:0 in libc-2.9.so[7f5437105000+14f000] -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.