Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#1041193: vtun segfaulting on tunnel initialization
83 views
Skip to first unread message
Tom Noonan II
Jul 15, 2023, 10:40:05 AM7/15/23
to
Package: vtun
Version: 3.0.4-2+b1
Severity: important
X-Debbugs-Cc: t...@tjnii.com
After upgrading from Stretch to Bookworm I'm seeing segfaults when my vtun tunnels attempt to come up.
The following is logged:
2023-07-15T00:56:46.225321+00:00 ip-10-70-1-71 kernel: [33828.222048] vtund[116824]: segfault at 78 ip 00007fa445e08462 sp 00007fff510d04c0 error 4 in libcrypto.so.3[7fa445cc5000+278000] likely on CPU 0 (core 0, socket 0)
The other end of the tunnel (running an old version) shows the tunnel being initialized and encryption initialized, and then the tunnel closing.
Jul 15 10:24:35 hstnc-3 vtund[12196]: Use SSL-aware challenge/response
Jul 15 10:24:35 hstnc-3 vtund[12196]: Remote Server sends <TuKE5>#012.
Jul 15 10:24:35 hstnc-3 vtund[12196]: Session [Snip ID/IP] opened
Jul 15 10:24:35 hstnc-3 vtund[12196]: Blowfish-256-ECB encryption initialized
Jul 15 10:24:35 hstnc-3 vtund[12196]: Session [Snip ID/IP] closed
This is a snippit of the server side config where the segfaults are happening. The omitted config is routing and non-shareable config options like auth.
device tun1;
type tun;
proto tcp;
encrypt blowfish256ecb;
keepalive yes;
speed 0;
This could be related to the old client that's trying to connect, but I'd expect an error and not a segfault.
This could also be related to using blowfish256ecb, but per 'man vtund.conf' this config is still supported.
Thanks for maintaining this.
--Tom Noonan II
-- System Information:
Debian Release: 12.0
APT prefers stable-security
APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-10-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages vtun depends on:
ii libc6 2.36-9
ii liblzo2-2 2.10-2
ii libssl3 3.0.9-1
ii lsb-base 11.6
ii sysvinit-utils [lsb-base] 3.06-4
ii udev 252.6-1
ii zlib1g 1:1.2.13.dfsg-1
vtun recommends no packages.
vtun suggests no packages.
-- Configuration Files:
/etc/vtund.conf changed [not included]
-- no debconf information
Version: 3.0.4-2+b1
Severity: important
X-Debbugs-Cc: t...@tjnii.com
After upgrading from Stretch to Bookworm I'm seeing segfaults when my vtun tunnels attempt to come up.
The following is logged:
2023-07-15T00:56:46.225321+00:00 ip-10-70-1-71 kernel: [33828.222048] vtund[116824]: segfault at 78 ip 00007fa445e08462 sp 00007fff510d04c0 error 4 in libcrypto.so.3[7fa445cc5000+278000] likely on CPU 0 (core 0, socket 0)
The other end of the tunnel (running an old version) shows the tunnel being initialized and encryption initialized, and then the tunnel closing.
Jul 15 10:24:35 hstnc-3 vtund[12196]: Use SSL-aware challenge/response
Jul 15 10:24:35 hstnc-3 vtund[12196]: Remote Server sends <TuKE5>#012.
Jul 15 10:24:35 hstnc-3 vtund[12196]: Session [Snip ID/IP] opened
Jul 15 10:24:35 hstnc-3 vtund[12196]: Blowfish-256-ECB encryption initialized
Jul 15 10:24:35 hstnc-3 vtund[12196]: Session [Snip ID/IP] closed
This is a snippit of the server side config where the segfaults are happening. The omitted config is routing and non-shareable config options like auth.
device tun1;
type tun;
proto tcp;
encrypt blowfish256ecb;
keepalive yes;
speed 0;
This could be related to the old client that's trying to connect, but I'd expect an error and not a segfault.
This could also be related to using blowfish256ecb, but per 'man vtund.conf' this config is still supported.
Thanks for maintaining this.
--Tom Noonan II
-- System Information:
Debian Release: 12.0
APT prefers stable-security
APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-10-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages vtun depends on:
ii libc6 2.36-9
ii liblzo2-2 2.10-2
ii libssl3 3.0.9-1
ii lsb-base 11.6
ii sysvinit-utils [lsb-base] 3.06-4
ii udev 252.6-1
ii zlib1g 1:1.2.13.dfsg-1
vtun recommends no packages.
vtun suggests no packages.
-- Configuration Files:
/etc/vtund.conf changed [not included]
-- no debconf information
Tom Noonan II
Jul 15, 2023, 2:10:07 PM7/15/23
to
Changing the encryption setting from blowfish to aes allowed the tunnel
to start. This can probably be downgraded from important. Thanks.
On Sat, 15 Jul 2023 14:33:04 +0000
"Debian Bug Tracking System" <ow...@bugs.debian.org> wrote:
> Thank you for filing a new Bug report with Debian.
>
> You can follow progress on this Bug here: 1041193:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041193.
>
> This is an automatically generated reply to let you know your message
> has been received.
>
> Your message is being forwarded to the package maintainers and other
> interested parties for their attention; they will reply in due course.
>
> As you requested using X-Debbugs-CC, your message was also forwarded
> to t...@tjnii.com
> (after having been given a Bug report number, if it did not have one).
>
> Your message has been sent to the package maintainer(s):
> Rodrigo Carvalho <rodri...@gmail.com>
>
> If you wish to submit further information on this problem, please
> send it to 104...@bugs.debian.org.
>
> Please do not send mail to ow...@bugs.debian.org unless you wish
> to report a problem with the Bug-tracking system.
>
to start. This can probably be downgraded from important. Thanks.
On Sat, 15 Jul 2023 14:33:04 +0000
"Debian Bug Tracking System" <ow...@bugs.debian.org> wrote:
> Thank you for filing a new Bug report with Debian.
>
> You can follow progress on this Bug here: 1041193:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041193.
>
> This is an automatically generated reply to let you know your message
> has been received.
>
> Your message is being forwarded to the package maintainers and other
> interested parties for their attention; they will reply in due course.
>
> As you requested using X-Debbugs-CC, your message was also forwarded
> to t...@tjnii.com
> (after having been given a Bug report number, if it did not have one).
>
> Your message has been sent to the package maintainer(s):
> Rodrigo Carvalho <rodri...@gmail.com>
>
> If you wish to submit further information on this problem, please
> send it to 104...@bugs.debian.org.
>
> Please do not send mail to ow...@bugs.debian.org unless you wish
> to report a problem with the Bug-tracking system.
>
0 new messages