I had the same problem with wheezy and strongswan 4.5.2-1.5+deb7u1 - charon segfaults when activating a VPN connection from NetworkManager.
After trying a few random silly things, like changing IKE setup (certs
vs. various EAP flavors), and limiting plugins, and searching the web
for “killing ourself, received critical signal” (I wasn't smart enough
to get a backtrace like Markus did), I decided to give 5.0 a try.
I rebuilt the strongswan 5.0.4-3 package in exerimental for wheezy and
VPN connections from NetworkManager now work fine.
However I bumped into a few problems while backporting strongswan:
• debian/rules fails at dh_install:
dh_install: lib/systemd/system/strongswan.service exists in debian/tmp but
is not installed to anywhere
dh_install: missing files, aborting
Fixed by replacing --fail-missing with --list-missing.
• openswan 5.0 changed from building an "nm" plugin to having a
separate /usr/lib/ipsec/charon-nm binary. So NetworkManager hangs
for a moment then fails because it's still executing
/usr/lib/ipsec/charon which no longer speaks the NM IPC:
NetworkManager[2102]: <warn> VPN service 'strongswan' start timed out
charon: 00[DMN] signal of type SIGTERM received. Shutting down
Fixed by hacking /etc/NetworkManager/VPN/nm-strongswan-service.name
from network-manager-strongswan package:
program=/usr/lib/ipsec/charon-nm
BTW, this bug should probably be reassigned to strongswan.
--
Gerald Turner Email: gtur...@unzane.com JID: gtur...@unzane.com
GPG: 0xFA8CD6D5 21D9 B2E8 7FE7 F19E 5F7D 4D0C 3FA0 810F FA8C D6D5
pgpWVq_kcWJf9.pgp
Description: PGP signature
