Package: simple-tpm-pk11 Version: 0.04-1 Severity: normal Dear Maintainer,
I was attempting to use a TPM as a secure device for storing a private key for IPSec, through the strongswan pkcs11 plugin from libstrongswan-extra-plugins. I specified /usr/lib/x86_64-linux-gnu/libsimple-tpm-pk11.so as the module path. However, when restarting strongswan, its IKEv2 daemon fails to start due to a segfault in libsimple-tpm-pk11: Aug 10 20:12:05 debian charon[24644]: 00[DMN] Starting IKE charon daemon (strongSwan 5.2.1, Linux 3.16.0-4-amd64, x86_64) Aug 10 20:12:05 debian charon[24644]: 00[CFG] loaded PKCS#11 v0.1 library 'simple-tpm-pk11' (/usr/lib/x86_64-linux-gnu/libsimple-tpm-pk11.so) Aug 10 20:12:05 debian charon[24644]: 00[CFG] simple-tpm-pk11 manufacture: simple-tpm-pk11 librar v0.1 Aug 10 20:12:05 debian ipsec_starter[24424]: charon has died -- restart scheduled (5sec) Aug 10 20:12:05 debian ipsec_starter[24424]: charon refused to be started Aug 10 20:12:05 debian ipsec[24424]: charon has died -- restart scheduled (5sec) Aug 10 20:12:05 debian ipsec[24424]: charon refused to be started Aug 10 20:12:05 debian kernel: charon[24644]: segfault at 0 ip 00007fa33ac3bee3 sp 00007fff54ff19f8 error 6 in libsimple-tpm-pk11.so.0.0.0[7fa33ac34000+22000] If it's not possible to use this module for this, I'd at least expect a proper error message. I hope this is all the information you need. Kind regards, Willem Mulder P.S. I used simple-tpm-pk11 from testing as that is the newest version available; the same problems are exhibited with version 0.03-1 from stable. -- System Information: Debian Release: 8.2 APT prefers stable APT policy: (500, 'stable'), (450, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages simple-tpm-pk11 depends on: ii libc6 2.19-18+deb8u1 ii libgcc1 1:4.9.2-10 ii libssl1.0.2 1.0.2h-1 ii libstdc++6 6.1.1-10 ii libtspi1 0.3.13-3 ii trousers 0.3.13-3 Versions of packages simple-tpm-pk11 recommends: ii openssh-client 1:6.7p1-5 simple-tpm-pk11 suggests no packages. -- no debconf information
