Chrome Version: <From about:version: Google Chrome 56.0.2908.0>
Chrome OS Version: <From about:version: Platform 8959.0.0>
Chrome OS Platform: <Kevin>
Network info: <VPN, Marvell>
Please specify Cr-* of the system to which this bug/feature applies (add
the label below).
Steps To Reproduce:
(1) Open chrome://settings, Try adding and connecting to a IPSec network.
Expected Result:
It should successfully connect.
Actual Result:
Fails with Internal Error.
2016-11-04T11:41:25.321862-07:00 INFO l2tpipsec_vpn[6640]: ipsec[6641]: Starting strongSwan 5.0.2 IPsec [starter]...
2016-11-04T11:41:25.345358-07:00 INFO charon[6652]: 00[DMN] Starting IKE charon daemon (strongSwan 5.0.2, Linux 4.4.21-05988-g6da867b, aarch64)
2016-11-04T11:41:25.361944-07:00 INFO l2tpipsec_vpn[6640]: ipsec[6641]: [1104/114125:ERROR:chaps.cc(130)] C_Initialize - CKR_CANT_LOCK
2016-11-04T11:41:25.365047-07:00 INFO charon[6652]: 00[CFG] loaded PKCS#11 v2.20 library 'crypto_module' (/usr/lib/libchaps.so)
2016-11-04T11:41:25.365072-07:00 INFO charon[6652]: 00[CFG] Chromium OS: Chaps Client Library v0.1
2016-11-04T11:41:25.365083-07:00 INFO charon[6652]: 00[CFG] uses OS locking functions
2016-11-04T11:41:25.368120-07:00 INFO charon[6652]: 00[CFG] found token in slot 'crypto_module':0 (TPM Slot)
2016-11-04T11:41:25.369959-07:00 INFO charon[6652]: 00[CFG] System TPM Token (Chromium OS: )
2016-11-04T11:41:25.403461-07:00 INFO charon[6652]: 00[CFG] found token in slot 'crypto_module':1 (TPM Slot)
2016-11-04T11:41:25.405230-07:00 INFO charon[6652]: 00[CFG] User TPM Token af8df1782c988134 (Chromium OS: )
2016-11-04T11:41:25.451814-07:00 INFO charon[6652]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
2016-11-04T11:41:25.451897-07:00 INFO charon[6652]: 00[LIB] stat() on '/etc/ipsec.d/cacerts/cacert.der' failed: No such file or directory
2016-11-04T11:41:25.451925-07:00 INFO charon[6652]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
2016-11-04T11:41:25.451981-07:00 INFO charon[6652]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
2016-11-04T11:41:25.452028-07:00 INFO charon[6652]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
2016-11-04T11:41:25.452070-07:00 INFO charon[6652]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
2016-11-04T11:41:25.452118-07:00 INFO charon[6652]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
2016-11-04T11:41:25.452217-07:00 INFO charon[6652]: 00[CFG] loaded IKE secret for 172.16.10.127 172.18.10.9
2016-11-04T11:41:25.452951-07:00 INFO charon[6652]: 00[DMN] loaded plugins: charon pkcs11 aes des sha1 sha2 md5 random nonce x509 revocation constraints pubkey pkcs1 pkcs8 pgp dnskey pem openssl fips-prf gmp xcbc cmac hmac attr kernel-netlink resolve socket-default stroke updown xauth-generic
2016-11-04T11:41:25.453325-07:00 INFO charon[6652]: 00[LIB] dropped capabilities, running as uid 212, gid 212
2016-11-04T11:41:25.453391-07:00 INFO charon[6652]: 00[JOB] spawning 16 worker threads
2016-11-04T11:41:25.462715-07:00 INFO l2tpipsec_vpn[6640]: ipsec[6641]: charon (6652) started after 120 ms
2016-11-04T11:41:25.462879-07:00 INFO charon[6652]: 09[CFG] received stroke: add connection 'managed'
2016-11-04T11:41:25.462905-07:00 INFO charon[6652]: 09[CFG] left nor right host is our side, assuming left=local
2016-11-04T11:41:25.463052-07:00 INFO charon[6652]: 09[CFG] added configuration 'managed'
2016-11-04T11:41:25.463241-07:00 INFO charon[6652]: 12[CFG] received stroke: initiate 'managed'
2016-11-04T11:41:25.463521-07:00 INFO charon[6652]: 12[IKE] initiating Main Mode IKE_SA managed[1] to 172.18.10.9
2016-11-04T11:41:25.463545-07:00 INFO charon[6652]: 12[IKE] initiating Main Mode IKE_SA managed[1] to 172.18.10.9
2016-11-04T11:41:25.463662-07:00 INFO charon[6652]: 12[ENC] generating ID_PROT request 0 [ SA V V V V ]
2016-11-04T11:41:25.463806-07:00 INFO charon[6652]: 12[NET] sending packet: from 172.16.10.127[500] to 172.18.10.9[500] (256 bytes)
2016-11-04T11:41:25.488826-07:00 INFO charon[6652]: 13[NET] received packet: from 172.18.10.9[500] to 172.16.10.127[500] (140 bytes)
2016-11-04T11:41:25.488885-07:00 INFO charon[6652]: 13[ENC] parsed ID_PROT response 0 [ SA V V V ]
2016-11-04T11:41:25.488905-07:00 INFO charon[6652]: 13[ENC] received unknown vendor ID: 4f:45:75:5c:64:5c:6a:79:5c:5c:61:70
2016-11-04T11:41:25.488923-07:00 INFO charon[6652]: 13[IKE] received DPD vendor ID
2016-11-04T11:41:25.488940-07:00 INFO charon[6652]: 13[IKE] received NAT-T (RFC 3947) vendor ID
2016-11-04T11:41:25.516457-07:00 INFO charon[6652]: 13[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
2016-11-04T11:41:25.516505-07:00 INFO charon[6652]: 13[NET] sending packet: from 172.16.10.127[500] to 172.18.10.9[500] (372 bytes)
2016-11-04T11:41:25.570053-07:00 INFO charon[6652]: 14[NET] received packet: from 172.18.10.9[500] to 172.16.10.127[500] (356 bytes)
2016-11-04T11:41:25.570114-07:00 INFO charon[6652]: 14[ENC] parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
2016-11-04T11:41:25.591663-07:00 INFO charon[6652]: 14[ENC] generating ID_PROT request 0 [ ID HASH ]
2016-11-04T11:41:25.591719-07:00 INFO charon[6652]: 14[NET] sending packet: from 172.16.10.127[500] to 172.18.10.9[500] (76 bytes)
2016-11-04T11:41:25.653301-07:00 INFO charon[6652]: 15[NET] received packet: from 172.18.10.9[500] to 172.16.10.127[500] (76 bytes)
2016-11-04T11:41:25.653371-07:00 INFO charon[6652]: 15[ENC] parsed ID_PROT response 0 [ ID HASH V ]
2016-11-04T11:41:25.653391-07:00 INFO charon[6652]: 15[IKE] IKE_SA managed[1] established between 172.16.10.127[172.16.10.127]...172.18.10.9[172.18.10.9]
2016-11-04T11:41:25.653462-07:00 INFO charon[6652]: 15[IKE] IKE_SA managed[1] established between 172.16.10.127[172.16.10.127]...172.18.10.9[172.18.10.9]
2016-11-04T11:41:25.653484-07:00 INFO charon[6652]: 15[IKE] scheduling reauthentication in 10114s
2016-11-04T11:41:25.653503-07:00 INFO charon[6652]: 15[IKE] maximum IKE_SA lifetime 10654s
2016-11-04T11:41:25.653521-07:00 INFO charon[6652]: 15[KNL] allocating SPI failed: Unknown error (524)
2016-11-04T11:41:25.653537-07:00 INFO charon[6652]: 15[KNL] unable to get SPI for reqid {1}
2016-11-04T11:41:25.653555-07:00 INFO charon[6652]: 15[IKE] allocating SPI from kernel failed
2016-11-04T11:41:55.492661-07:00 ERR l2tpipsec_vpn[6640]: IPsec connection timed out
2016-11-04T11:41:56.493857-07:00 INFO l2tpipsec_vpn[6640]: Shutting down...
2016-11-04T11:41:56.494403-07:00 INFO charon[6652]: 00[DMN] signal of type SIGINT received. Shutting down
2016-11-04T11:41:56.512102-07:00 ERR l2tpipsec_vpn[6640]: Unable to send signal to 6641: No such process
2016-11-04T11:41:56.512136-07:00 ERR l2tpipsec_vpn[6640]: Unable to send signal to 6652: No such process
2016-11-04T11:41:56.513644-07:00 INFO shill[2570]: [INFO:external_task.cc(107)] OnTaskDied(6640, 32)
2016-11-04T11:41:56.513786-07:00 ERR shill[2570]: [ERROR:process_manager.cc(190)] Process 6640 not being watched
2016-11-04T11:41:56.513808-07:00 INFO shill[2570]: [INFO:rpc_task.cc(43)] RPCTask 2 destroyed.
2016-11-04T11:41:56.514215-07:00 INFO shill[2570]: [INFO:service.cc(404)] Service 184: state Configuring -> Failure
2016-11-04T11:41:56.514238-07:00 INFO shill[2570]: [INFO:service.cc(989)] Noting an unexpected failure to connect.
2016-11-04T11:41:56.514278-07:00 INFO shill[2570]: [INFO:manager.cc(1487)] Service 184 updated; state: Failure failure internal-error
How frequently does this problem reproduce? (Always, sometimes, hard to
reproduce?)
Always. Only reproducible with kevin device on M-56 TOT,
What is the impact to the user, and is there a workaround? If so, what is
it?
No IPSec VPN connectivity.
Please provide any additional information below. Attach a screen shot or
log if possible.
Logs attached.
|
Deleted:
log-110416-113603.tar.gz
447 KB
|
|
|
log-110416-113603.tar.gz
447 KB
Download
|
Comment 1 by cernekee@chromium.org
, Nov 4 2016