On 28/10/13 11:04, Dan Levin wrote: > Hi, > I'm still experiencing symptoms of this on wheezy (more details below). > Has there been any fix, to anyone's knowledge?
privsep support on racoon is byuggy. There is a new version out there from netbsd, but the code has had creeping netbsdisms and compiler makefile issues, and it a real sod to get it going. Try strongswan, it works on Debian kfreebsd and ordinary wheezyy. racoon is long in the tooth, and because of the sort of bitrot and security issues it has (runs as root) I think it might be better if this part of ipsec-tools was deprecated. Regards, Matthew Grant > ---------------------------------------------- > Package: racoon > State: installed > Automatically installed: no > Version: 1:0.8.0-14 > Priority: extra > Section: net > Maintainer: Matthew Grant <matthewgra...@gmail.com> > Architecture: amd64 > Uncompressed Size: 1,147 k > Depends: debconf (>= 0.5) | debconf-2.0, ipsec-tools (= 1:0.8.0-14), > libc6 (>= 2.8), libcomerr2 (>= 1.01), libgssapi-krb5-2 (>= > 1.10+dfsg~), libk5crypto3 (>= 1.6.dfsg.2), > libkrb5-3 (>= 1.6.dfsg.2), libldap-2.4-2 (>= 2.4.7), libpam0g > (>= 0.99.7.1), libssl1.0.0 (>= 1.0.0), adduser, perl > > > # After initiating a disconnect from the VPN client: > Oct 27 21:56:02 localhost racoon: [x.x.x.x] DEBUG: delete payload for > protocol ESP > Oct 27 21:56:02 localhost racoon: ERROR: privsep_socket: unauthorized > domain (15) > Oct 27 21:56:02 localhost racoon: INFO: racoon privileged process > 23084 terminated > Oct 27 21:56:02 localhost kernel: [1207378.180116] racoon[23109]: > segfault at 10 ip 00007fb003750b7b sp 00007fff225ef210 error 4 in > racoon[7fb003727000+92000] > ---------------------------------------------- > Best, > -Dan Levin
signature.asc
Description: OpenPGP digital signature
