The VICI Plugin Crashes the Daemon If the Peer ID Is Absent on Mediation Connections
I used the below configuration in the ipsec.conf, I'm able to establish tunnels with the multiple peers as i've not mentioned the me_peerid (accroding to the man page , it says if me_peerid is not given it will take up as the right id which is '%any' in this case).
conn medsrv firstname.lastname@example.org leftauth=psk right=10.11.70.111 email@example.com rightauth=psk mediation=yes auto=start conn Gateway-Agent1 leftauth=psk rightauth=psk firstname.lastname@example.org right=%any rightid=%any leftsubnet=184.108.40.206/24 rightsubnet=220.127.116.11/24 mediated_by=medsrv auto=add
But the same functionality i'm not able to achieve through vici interface, if i don't add the "me_peerid" then i'm seeing the below dump. ( I tried with "%any" in the me_peerid then also it is failing but not dumping)
07[DMN] thread 7 received 11 07[LIB] dumping 1 stack frame addresses: 07[LIB] /lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7f6f544ec000 [0x7f6f544fd390] 07[LIB] -> ??:? dumping 1 stack frame addresses: /lib/x86_64-linux-gnu/libpthread.so.0 @ 0x7f6f544ec000 [0x7f6f544fd390] -> ??:? 07[DMN] killing ourself, received critical signal
#1 Updated by Tobias Brunner over 1 year ago
- Tracker changed from Issue to Bug
- Description updated (diff)
- Category set to vici
- Status changed from New to Feedback
- Target version set to 5.7.2
I see. I've pushed a fix to the 2794-vici-peer-id branch. Without the patch you have to configure it explicitly (in your case to the same value as the local identity).