Hi Wolfgang, I tried to reproduce your issue and no luck yet. Did you try ipsec stop?
On Thu, Oct 05, 2017 at 09:45:02AM +0200, Wolfgang Nothdurft wrote: > Am 02.10.2017 um 13:58 schrieb Antony Antony: > > Hi Paul > > > > A quick test after the commit bd3a5f01 show a crash in test xauth-pluto-16 > > pointing to addresspool.c. The crash happens with ipsec stop > > > > I couldn't repoduce lsw#299 yet. Did you manage to reproduce before > bd3a5f0 > > patch? > > There seems a general problem with the reference code in addresspool, which > comes up with the latest changes. > > I can reproduce the problems very easy with two xauth clients connecting to > the same connection. I could not use your exact config in libreswan testing enviroment yet. May be there is another issue with authby=secret and right=%any. Server seems to be looking for secret "%any". Anyway I tried with X509 and main mode + xauth and two clients, a very similar setup with bd3a5f01e7 reverted. No issues. So I can 't reproduce the issue you report in lsw#299. [root@east xauth-pluto-23]# ipsec whack --trafficstatus 006 #2: "east-any"[1] 192.1.3.209, username=road, type=ESP, add_time=1507206015, inBytes=336, outBytes=252, lease=192.0.2.100/32 006 #4: "east-any"[2] 192.1.3.33, username=north, type=ESP, add_time=1507206030, inBytes=0, outBytes=0, lease=192.0.2.101/32 I also remember there is a v2 test with addresspool and two clients. And there no crash without bd3a5f01e7 committed! -antony PS: one possibility is with authby=secret addresspool behave different. IDs are different. If that is the case bd3a5f01e7 is not likely the fix. _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
