misc/177785: ipsec-tools 0.8.0 racoon tends to segfault when multiple Phase1's aren't establishing

Todd Blum todd at toddblum.org
Mon Apr 22 17:37:04 UTC 2013


The error message 'failed to get sainfo' is usually appearing in the logs
prior to the segfaults, then not at all afterwards:

Apr 16 09:59:51 192.168.116.250 racoon: [xx.xx.xxx.xx] ERROR: unknown
Informational exchange received.
Apr 16 09:59:55 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 09:59:57 192.168.116.250 racoon: [yy.yy.yy.yyy] ERROR: unknown
Informational exchange received.
Apr 16 10:00:02 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:00:02 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:00:16 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:00:23 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:00:23 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:00:41 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:00:44 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:00:44 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:01:02 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:01:06 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:01:06 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:01:14 192.168.116.250 racoon: INFO: respond new phase 1
negotiation: zz.zz.zz.zz[500]<=>hh.hh.hh.hh[500]
Apr 16 10:01:14 192.168.116.250 racoon: INFO: begin Identity Protection
mode.
Apr 16 10:01:17 192.168.116.250 racoon: INFO: ISAKMP-SA established
zz.zz.zz.zz[500]-hh.hh.hh.hh[500] spi:baa4c93e8c16198c:482ba6110eeabc0
c
Apr 16 10:01:17 192.168.116.250 racoon: INFO: purged IPsec-SA proto_id=ESP
spi=2201026904.
Apr 16 10:01:17 192.168.116.250 racoon: INFO: purged IPsec-SA proto_id=ESP
spi=3679806084.
Apr 16 10:01:18 192.168.116.250 racoon: INFO: respond new phase 2
negotiation: zz.zz.zz.zz[500]<=>hh.hh.hh.hh[500]
Apr 16 10:01:18 192.168.116.250 racoon: INFO: IPsec-SA established: ESP
zz.zz.zz.zz[500]->hh.hh.hh.hh[500] spi=119993144(0x726f338)
Apr 16 10:01:18 192.168.116.250 racoon: INFO: IPsec-SA established: ESP
zz.zz.zz.zz[500]->hh.hh.hh.hh[500] spi=2718404122(0xa2078e1a)
Apr 16 10:01:19 192.168.116.250 racoon: INFO: ISAKMP-SA expired
zz.zz.zz.zz[500]-hh.hh.hh.hh[500] spi:baa4c93e8c16198c:482ba6110eeabc0c
Apr 16 10:01:19 192.168.116.250 racoon: INFO: ISAKMP-SA deleted
zz.zz.zz.zz[500]-hh.hh.hh.hh[500] spi:baa4c93e8c16198c:482ba6110eeabc0c
Apr 16 10:01:27 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:01:27 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:01:30 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:01:51 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:01:51 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:01:55 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:02:13 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:02:13 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:02:16 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:02:37 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:02:37 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:02:40 192.168.116.250 racoon: ERROR: failed to get sainfo.
Apr 16 10:02:41 192.168.116.250 racoon: INFO: respond new phase 1
negotiation: zz.zz.zz.zz[500]<=>hh.hh.hh.hh[500]
Apr 16 10:02:41 192.168.116.250 racoon: INFO: begin Identity Protection
mode.
Apr 16 10:02:42 192.168.116.250 kernel: pid 45397 (racoon), uid 0: exited
on signal 11 (core dumped)

Is there any relation to this error report?

https://bugs.launchpad.net/ubuntu/+source/ipsec-tools/+bug/913935


More information about the freebsd-bugs mailing list