/usr/libexec/ipsec/charon was killed by signal 11 (SIGSEGV)
Every time I stop ipsec, strongswan exit with a crash. Fedora 16, x86_64:
Dec 6 10:21:40 iXXXXX abrtd: Directory 'ccpp-2011-12-06-10:21:39-4398' creation detected
Dec 6 10:21:40 iXXXXX abrt4422: Saved core dump of pid 4398 (/usr/libexec/ipsec/charon) to /var/spool/abrt/ccpp-2011-12-06-10:21:39-4398 (36352000 bytes)
Dec 6 10:21:40 iXXXXX abrtd: New dump directory /var/spool/abrt/ccpp-2011-12-06-10:21:39-4398, processing
cmdline: /usr/libexec/ipsec/charon --use-syslog
#1 Updated by Tobias Brunner about 10 years ago
- File flush_cache.patch flush_cache.patch added
- Category set to libstrongswan
- Status changed from New to Feedback
- Assignee set to Tobias Brunner
I can't reproduce this, but I suspect it happens because the plugin which provides the implementation for the certificates and crls that are cached in the credential manager is already unloaded when these are flushed from it during destruction. Hence the segmentation fault.
Could you please try if the attached patch fixes the problem.
#2 Updated by G. V. about 10 years ago
flush_cache.patch does not apply clean againt strongswan-4.6.1 (daemon.c).
In your patch lib->plugins->unload(lib->plugins); is called after #ifdef ME ... #endif.
In strongswan-4.6.1 the lib->plugins->unload(lib->plugins); is called before #ifdef statement.
#3 Updated by G. V. about 10 years ago
I modified the patch (called 'lib->credmgr->flush_cache(lib->credmgr, CERT_ANY);' right above 'lib->plugins->unload(lib->plugins);' in daemon.c, strongswan 4.6.1 ).
Compiled strongswan, installed the new version. stopping charon works as expected (no crash anymore).
Thank you for your help.