https://bugzilla.novell.com/show_bug.cgi?id=450517
Summary: Turnpike: adding phase2 subnet causing protection fault with racoon
Product: openSUSE 11.1
Version: RC 1
Platform: x86-64
OS/Version: SuSE Other
Status: NEW
Severity: Major
Priority: P5 - None
Component: Network
AssignedTo: bnc-team-screening@forge.provo.novell.com
ReportedBy: paca@sci.fi
QAContact: qa@suse.de
Found By: Community User
(This bug is almost the same as 450364, only with openSUSE 11.1)
I'm trying to build a VPN connection to an IPsec firewall by using vpnlogin.
As soon as I add the phase2 subnet setting to the profile, racoond dies
every time I try to connect, at the time when turnpike sends the phase2 config to
racoond.
Dec 1 14:30:26 NAKKHL008 kernel: racoon[5762] general protection ip:7f5437181560 sp:7fff4004c6a8 error:0 in libc-2.9.so[7f5437105000+14f000]
Without phase 2 subnet (<networks> entry) phase1 is initialized fine.
rpm versions (opensuse 11.1) are:
turnpike-0.1.1-244.60
novell-ipsec-tools-0.7.1-2.2
I'm assuming that there's something wrong with how turnpike parses the phase2 profile
file or how it sends the profile to racoond.
Configuration files and log files are as follows:
### .turnpike/profiles/profile_CONNECTIONTEST.prf
<?xml version="1.0"?>
<profile name="CONNECTIONTEST">
connectiontest.dyndns.org
Standard IPsec gateway
<certificate>mycert.pfx</certificate>
<policies>
<phase1>
<proposals>
<entry mode="MM" dhgroup="dh2" authmethod="X.509"/>
</proposals>
</phase1>
<phase2>
<proposals>
<entry pfsgroup="off"/>
</proposals>
<networks>
<entry network="192.168.0.0" mask="255.255.255.0"/>
</networks>
</phase2>
</policies>
</profile>
### ~/.turnpike/log.txt
2008-12-01 14:30:22: INFO: Novell VPN Client for Linux GUI Startup ....
2008-12-01 14:30:26: INFO: server_ip_addr = 84.253.213.7
, source_ip = 172.21.89.169
2008-12-01 14:30:26: INFO: Successfully sent message type 305 to admin port
2008-12-01 14:30:26: INFO: peek length = 8, Peeked length = 8
2008-12-01 14:30:26: INFO: Received Length= 8
2008-12-01 14:30:26: INFO: The Received Buffer length is 8 ...
2008-12-01 14:30:26: INFO: Successfully sent message type 303 to admin port
2008-12-01 14:30:26: WARNING: Connection closed. May be server closed this connection!
### /var/sys/messages
Dec 1 14:30:26 NAKKHL008 racoon: WARNING: /etc/racoon/racoon.conf:137: "}" b=0, dh_group=1
Dec 1 14:30:26 NAKKHL008 racoon: WARNING: /home/petri/.turnpike/racoon.conf:42: "}" b=0, dh_group=2
Dec 1 14:30:26 NAKKHL008 racoon: WARNING: /home/petri/.turnpike/racoon.conf:42: "}" b=2, dh_group=2
Dec 1 14:30:26 NAKKHL008 racoon: WARNING: /home/petri/.turnpike/racoon.conf:42: "}" b=2, dh_group=2
Dec 1 14:30:26 NAKKHL008 racoon: WARNING: /home/petri/.turnpike/racoon.conf:42: "}" b=2, dh_group=2
Dec 1 14:30:26 NAKKHL008 racoon: NOTIFY: NAT-T is enabled, autoconfiguring ports
Dec 1 14:30:26 NAKKHL008 kernel: racoon[5762] general protection ip:7f5437181560 sp:7fff4004c6a8 error:0 in libc-2.9.so[7f5437105000+14f000]
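For triaging the kernel fault line quoted in the report, the following added example (not from the reporter or from the turnpike or ipsec-tools projects) parses that line and computes the faulting offset inside the mapped library, which can then be resolved against the matching libc-2.9.so build with a symbolizer. The function names `parse_fault` and `triage` are hypothetical, and the regular expression covers only the line format shown in this report.

```python
import re

# Format of the kernel "general protection" line quoted in the report.
FAULT_RE = re.compile(
    r"kernel: (?P<comm>[^\[\s]+)\[(?P<pid>\d+)\] general protection "
    r"ip:(?P<ip>[0-9a-f]+) sp:(?P<sp>[0-9a-f]+) error:(?P<error>[0-9a-f]+)"
    r"(?: in (?P<module>[^\[\s]+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\])?"
)

def parse_fault(line):
    """Return fault details, or None if the line is not a fault record."""
    m = FAULT_RE.search(line)
    if m is None:
        return None
    fault = {"comm": m["comm"], "pid": int(m["pid"]),
             "ip": int(m["ip"], 16), "sp": int(m["sp"], 16),
             "module": m["module"], "offset": None}
    if m["module"] is not None:
        base, size = int(m["base"], 16), int(m["size"], 16)
        offset = fault["ip"] - base
        # Trust the offset only if ip really lies inside the reported mapping.
        if 0 <= offset < size:
            fault["offset"] = offset
    return fault

def triage(lines):
    """Collapse repeated fault records into unique (comm, module, offset) keys."""
    seen = {}
    for line in lines:
        fault = parse_fault(line)
        if fault:
            key = (fault["comm"], fault["module"], fault["offset"])
            seen[key] = seen.get(key, 0) + 1
    return seen

# Two syslog lines taken from the report, with the mail line wrapping undone.
SAMPLE = [
    "Dec 1 14:30:26 NAKKHL008 racoon: NOTIFY: NAT-T is enabled, autoconfiguring ports",
    "Dec 1 14:30:26 NAKKHL008 kernel: racoon[5762] general protection "
    "ip:7f5437181560 sp:7fff4004c6a8 error:0 in libc-2.9.so[7f5437105000+14f000]",
]

if __name__ == "__main__":
    for (comm, module, offset), count in triage(SAMPLE).items():
        where = f"{module}+{offset:#x}" if offset is not None else "unmapped address"
        print(f"{comm}: fault at {where} (seen {count}x)")
```

Because the offset is independent of where the library was loaded, the same value appearing in crashes from different runs or hosts indicates the same faulting instruction.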