Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 9 May 2019 13:41:36 +0200
From:      Peter Blok <pblok@bsd4all.org>
To:        Eugene Grosbein <eugen@grosbein.net>
Cc:        KOT MATPOCKuH <matpockuh@gmail.com>, "Andrey V. Elsukov" <bu7cher@yandex.ru>, stable@freebsd.org
Subject:   Re: route based ipsec
Message-ID:  <FF7860AB-C6A2-4D7A-B8FF-8562E549A1BB@bsd4all.org>
In-Reply-To: <83f4e225-b767-72ee-43df-52163271ce8e@grosbein.net>
References:  <CALmdT0Wdb%2B=LHvTaO9MU=MnQvQJEzKT9CXAf2kVPY=AAc=kxVQ@mail.gmail.com> <a7d8c37c-8712-ded6-4c30-d473bf20f877@yandex.ru> <CALmdT0W6f_X-V6UadxwYpsfbr0m34xANRGN5qWhs-7KMvCyA6A@mail.gmail.com> <83f4e225-b767-72ee-43df-52163271ce8e@grosbein.net>
index | next in thread | previous in thread | raw e-mail 

[-- Attachment #1 --]
I have tried certificates in the past, but racoon never worked stable enough. Didn’t crash on me though.

I have moved over to Strongswan and never regretted this move. Very stable.

Peter

> On 8 May 2019, at 03:29, Eugene Grosbein <eugen@grosbein.net> wrote:
> 
> 08.05.2019 3:23, KOT MATPOCKuH wrote:
> 
>> I'm misunderstand what in my configuration can result core dumps a running
>> daemon...
>> I'm attached a sample racoon.conf. Can You check for possible problems?
>> Also on one host I got a crash in another function:
>> (gdb) bt
>> #0  0x000000000024717f in privsep_init ()
>> #1  0x00000000002375f4 in inscontacted ()
>> #2  0x00000000002337d0 in isakmp_plist_set_all ()
>> #3  0x000000000023210d in isakmp_ph2expire ()
>> #4  0x000000000023162a in isakmp_ph1delete ()
>> #5  0x000000000023110b in isakmp_ph2resend ()
>> #6  0x00000008002aa000 in ?? ()
>> #7  0x0000000000000000 in ?? ()
> 
> I guess configuration using certificates is not tested enough.
> It works stable for me but I use psk only.
> 
> You need to fix code yourself or stop using racoon with certificates.
> 
> _______________________________________________
> freebsd-stable@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"


[-- Attachment #2 --]
0	*H
010
	`He0	*H
 00l"ϫmW0
	*H
010	UGB10UGreater Manchester10USalford10U
COMODO CA Limited1=0;U4COMODO RSA Client Authentication and Secure Email CA0
180414000000Z
210413235959Z0D10	UNL10U
Peter Blok1 0	*H
	pblok@bsd4all.org0"0
	*H
0
O޾̴͚UFkڅUĈIG΂m2C:C<&㎎ְkx҃M\xiKdD<eb#ۨ>EgN YFNU5
4dȬZ

T.~qt#2^A
^|<2G"plj84I(ARٝ*WHPdvKۑsY,pyM/ٔUاO)`nj90sn%ԛ00U#0la|=+qH^ċ0U\Yx%Z&?^0U0U00U%0++0FU ?0=0;+10+0)+https://secure.comodo.net/CPS0ZUS0Q0OMKIhttp://crl.comodoca.com/COMODORSAClientAuthenticationandSecureEmailCA.crl0+0}0U+0Ihttp://crt.comodoca.com/COMODORSAClientAuthenticationandSecureEmailCA.crt0$+0http://ocsp.comodoca.com0
	*H
e5pm| Z3"2pgX*<θQD0.1TFu3Bqϙ}')uao."YTcRa8yv4>Yv;?K(Z7?kNZY6o0,0=։ϣK_yv6c]R3ѵrʀNξK)k
?bD'vnoDkRO3{$H
4uD!100010	UGB10UGreater Manchester10USalford10U
COMODO CA Limited1=0;U4COMODO RSA Client Authentication and Secure Email CAl"ϫmW0
	`He0	*H
	1	*H
0	*H
	1
190509114136Z0/	*H
	1" *8@Sby)NhXszX0	+710010	UGB10UGreater Manchester10USalford10U
COMODO CA Limited1=0;U4COMODO RSA Client Authentication and Secure Email CAl"ϫmW0*H
	1010	UGB10UGreater Manchester10USalford10U
COMODO CA Limited1=0;U4COMODO RSA Client Authentication and Secure Email CAl"ϫmW0
	*H
2-i[dܴ2#Tȍ/R


[OщQWuTea˗	=x#&Xv_fsVD"I%P}%"iǮ\'xmJl \8n;|z-kyd&ο/wR,Ny\'4Z1补tF
U0A
RM'LzޞLf-CHZSbMBG&?ɑqv
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?FF7860AB-C6A2-4D7A-B8FF-8562E549A1BB>