Bug #14009
closed
PHP error from upgraded IPsec tunnel containing only deprecated ciphers
Added by Marcos M about 1 year ago.
Updated about 1 year ago.
Plus Target Version:
23.05
Description
PHP error after upgrading to 23.01 and trying to configure IPsec tunnels.
PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /etc/inc/ipsec.inc:2546
Stack trace:
#0 /etc/inc/ipsec.inc(3267): ipsec_setup_tunnels(Array)
#1 /usr/local/www/vpn_ipsec.php(49): ipsec_configure()
#2 {main}
thrown in /etc/inc/ipsec.inc on line 2546
PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/www/vpn_ipsec_phase1.php:186
Stack trace:
#0 {main}
thrown in /usr/local/www/vpn_ipsec_phase1.php on line 186
Do we have access to the config that triggered this? Somehow it would have to have either a completely empty tunnel entry or one that lacks any encryption options in P1 at all, which the GUI won't let you create.
- Target version set to 2.7.0
- Plus Target Version changed from 23.01 to 23.05
- Subject changed from PHP error with IPsec to PHP error from upgraded IPsec tunnel containing only deprecated ciphers
- Assignee set to Jim Pingle
According to a user on the forum thread, their pre-upgrade configuration contained the following section:
<encryption>
<item>
<encryption-algorithm>
<name>3des</name>
<keylen></keylen>
</encryption-algorithm>
<hash-algorithm>sha512</hash-algorithm>
<prf-algorithm>sha256</prf-algorithm>
<dhgroup>20</dhgroup>
</item>
<item>
<encryption-algorithm>
<name>3des</name>
<keylen></keylen>
</encryption-algorithm>
<hash-algorithm>sha256</hash-algorithm>
<prf-algorithm>sha256</prf-algorithm>
<dhgroup>20</dhgroup>
</item>
</encryption>
- Status changed from New to Feedback
- % Done changed from 0 to 100
I applied the patch on:
23.01-RELEASE (amd64)
built on Fri Feb 10 20:06:33 UTC 2023
FreeBSD 14.0-CURRENT
However, after restoring the config with the empty <encryption></encryption> section, a PHP crush occurred in the GUI.
Crash report begins. Anonymous machine information:
amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT #0 plus-RELENG_23_01-n256037-6e914874a5e: Fri Feb 10 20:30:29 UTC 2023 root@freebsd:/var/jenkins/workspace/pfSense-Plus-snapshots-23_01-main/obj/amd64/VDZvZksF/var/jenkins/workspace/pfSense-Plus-snapshots-23_01-main/sources/FreeBS
Crash report details:
PHP Errors:
[04-Mar-2023 15:36:12 Etc/UTC] PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /etc/inc/ipsec.inc:2546
Stack trace:
#0 /etc/inc/ipsec.inc(3267): ipsec_setup_tunnels(Array)
#1 /etc/rc.bootup(401): ipsec_configure()
#2 {main}
thrown in /etc/inc/ipsec.inc on line 2546
No FreeBSD crash data found.
Yet, I could edit the IPsec in the GUI with no new crashes.
- Status changed from Feedback to In Progress
- % Done changed from 100 to 90
- Status changed from In Progress to Feedback
- % Done changed from 90 to 100
- Status changed from Feedback to Resolved
That fixed it. I am marking this ticket resolved.
Also available in: Atom
PDF
Updated by 
Updated by