Project

General

Profile

Actions
Copy link

Bug #12835

closed

segfault after certificate issue, trying to update from 21.05.2-RELEASE to 22.01 on Netgate SG-1100

Added by Sean McBride about 3 years ago. Updated about 3 years ago.

Status:
Not a Bug
Priority:
Normal
Assignee:
-
Category:
Unknown
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
Affected Architecture:
SG-1100

Description

On my Netgate SG-1100 I used the GUI to update from 21.05.2-RELEASE to 22.01. It failed, ending with the following:

```
Number of packages to be installed: 6
Number of packages to be upgraded: 92
Number of packages to be reinstalled: 96

The process will require 64 MiB more space.
174 MiB to be downloaded.
1082953728:error:141F0006:SSL routines:tls_construct_cert_verify:EVP lib:/var/jenkins/workspace/pfSense-build-release-tarballs/BUILD_NODE/pkg-aarch64/OS_MAJOR_VERSION/freebsd12/PLATFORM/aws/crypto/openssl/ssl/statem/statem_lib.c:283:
Certificate verification failed for /C=US/ST=Texas/L=Austin/O=Rubicon Communications, LLC (Netgate)/CN=repo01.netgate.com
1082953728:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:/var/jenkins/workspace/pfSense-build-release-tarballs/BUILD_NODE/pkg-aarch64/OS_MAJOR_VERSION/freebsd12/PLATFORM/aws/crypto/openssl/ssl/statem/statem_clnt.c:1916:
Child process pid=29822 terminated abnormally: Segmentation fault
Failed
```

Actions
Copy link
 #1

Updated by Kris Phillips about 3 years ago

This isn't a bug with software, but is an issue with the chip that handles authentication to the repo. If you go to Diagnostics --> Halt System, then after it shuts down remove power completely for 30 seconds, you should be able to power it up again and have this issue go away. It's very rare, but does happen once in a very great while.

Actions
Copy link
 #2

Updated by Sean McBride about 3 years ago

Thanks for your reply, I'll give that a try.

But I don't think I can agree with "this isn't a bug with software". The software should not be segfaulting. It seems like the error checking is lacking.

Actions
Copy link
 #3

Updated by Shaun Currier about 3 years ago

Also happening to me on Netgate SG-1100. Error message has the same line numbers and appears identical from a quick skim. This firewall is remote. Is there any workaround when the power can't be pulled?

Actions
Copy link
 #4

Updated by Shaun Currier about 3 years ago

Actually, I rebooted with filesystem check and that resolved it and allowed the update to complete.

Actions
Copy link
 #5

Updated by Jim Pingle about 3 years ago

  • Status changed from New to Not a Bug
Actions
Copy link
 #6

Updated by Sean McBride about 3 years ago

Jim, how is a segfault "not a bug"? Such crashes are sometimes even exploitable.

Actions
Copy link
 #7

Updated by Jim Pingle about 3 years ago

It's a hardware issue, not a bug. And there is already a workaround in 22.01 for it.

Actions
Copy link

Also available in: Atom PDF