Bug #3417
closedracoon crashes after mobile xauth login with fourth DNS server configured
0%
Description
If Mobile IPsec is configured to push DNS servers to clients, and you have four DNS servers configured, racoon will crash after a login with a signal 11. If you remove the fourth DNS server and only push three, it's OK.
There is nothing different in racoon.conf about the fourth server, only an additional line.
With three set:
dns4 192.168.1.1; dns4 192.168.1.2; dns4 8.8.8.8;
With four set:
dns4 192.168.1.1; dns4 192.168.1.2; dns4 8.8.8.8; dns4 8.8.4.4;
Racoon log:
Jan 29 09:55:24 racoon: [192.168.2.23] ERROR: notification INITIAL-CONTACT received in aggressive exchange. Jan 29 09:55:24 racoon: INFO: NAT detected: ME PEER Jan 29 09:55:24 racoon: INFO: Sending Xauth request Jan 29 09:55:24 racoon: [Self]: INFO: ISAKMP-SA established 192.168.2.243[4500]-192.168.2.23[4500] spi:2407819ff7cee787:c0a2ff26abc2e3a0 Jan 29 09:55:24 racoon: INFO: Using port 0 Jan 29 09:55:24 racoon: user 'mobileuser1' authenticated Jan 29 09:55:24 racoon: INFO: login succeeded for user "mobileuser1"
System log:
Jan 29 09:55:33 kernel: pid 665 (racoon), uid 0: exited on signal 11 (core dumped)
If it's not easily fixable in racoon, we may just want to remove the fourth DNS field support from the GUI and the backend code.
Tested on 2.1, 2.1p1, and 2.1.1 -- same behavior.
Updated by Chris Buechler over 10 years ago
- Status changed from New to Feedback
- Target version set to 2.2
ran into this one today. Presume this is not an issue with 2.2 given racoon is gone, setting target version 2.2 to confirm that, or if worst case scenario we end up going back to ipsec-tools for 2.2, we'll just take out the 4th DNS server IP field.
Updated by Chris Buechler over 10 years ago
- Status changed from Feedback to Resolved