On Wed, 27 Sep 2017, Charles Van Dusen wrote:
The install was at 3.21 from scratch - not an upgrade.
ahh, then maybe it did not initially do a dns lookup, and only later
did.
I also figured out how to get the current version of libunbound, shown below:
See git commit 6c68033a1080
It seems some debiab/ubuntu installs compiled libunbound without
libevent support, so those packages need a recompile.
Or you can recompile libreswan without USE_DNSSEC.
Paul
root@rpiNC:~# apt list | grep unbound
libunbound-dev/stable,now 1.6.0-3 armhf [installed]
libunbound2/stable,now 1.6.0-3 armhf [installed,automatic]
python-unbound/stable 1.6.0-3 armhf
python3-unbound/stable 1.6.0-3 armhf
unbound/stable 1.6.0-3 armhf
unbound-anchor/stable 1.6.0-3 armhf
unbound-host/stable 1.6.0-3 armhf
So Im still at a loss to explain. FWIW it seems stable at present. Should I
suspect the VPN server end?
Charlie
-----Original Message-----
From: Paul Wouters [mailto:[email protected]]
Sent: Wednesday, September 27, 2017 12:10 AM
To: Charles Van Dusen <[email protected]>
Cc: [email protected]
Subject: Re: [Swan] libreswan 3.21 error?
On Sun, 24 Sep 2017, Charles Van Dusen wrote:
I recently moved to libreswan 3.21 on a new machine and transferred my
configuration files from a 3.18 machine to the new machine.
All appeared to be working normally.
Sep 24 11:08:05 rpiNC pluto[8381]: ABORT: ASSERTION FAILED: dns_ctx !=
NULL (in unbound_event_init() at unbound.c:188)
Sep 24 11:08:05 rpiNC pluto[8381]: ABORT: ASSERTION FAILED: dns_ctx !=
NULL (in unbound_event_init() at unbound.c:188)
Your libunbound is too old. Please upgrade to at least 1.5.x or recompile
libreswan with USE_DNSSEC=false
Nothing has changed on this machine, or on the machine to which it is trying to
connect.
My guess is you might have upgraded libreswan but it was never restarted
properly before this happened.
Paul
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan