ocserv 0.9.0.1 not doing TLS handshake
Nikos Mavrogiannopoulos
nmav at gnutls.org
Tue Jan 27 10:21:25 PST 2015
On Tue, 2015-01-27 at 21:17 +0800, Lemon Lam wrote:
> 於 2015/1/27 下午 09:10, Nikos Mavrogiannopoulos 提到:
> > On Tue, Jan 27, 2015 at 10:39 AM, Lemon Lam <alemonmk at gmail.com> wrote:
> >> 於 2015/1/27 下午 05:10, Nikos Mavrogiannopoulos 提到:
> >>> On Tue, Jan 27, 2015 at 10:01 AM, Lemon Lam <alemonmk at gmail.com> wrote:
> >>>>> Do you use linux-namespaces or seccomp? If yes try disabling it.
> >>>>> Otherwise please provide more information about your build.
> >>>> I can confirm that disabling seccomp do get rid of the problem.
> >>> Then, could you provide more information about your kernel version,
> >>> the cpu architecture, and the output of "strace -f" of ocserv?
> >> Kernel is Linode's customised 3.18.1-x86_64, but the OS is i386.
> >> strace output is attached.
> >
> > As far as I understand the seccomp filter does prevent select() from
> > being executed. Do you have the latest libseccomp in that platform?
> >
> Yes, libseccomp2 from Debian repo is 2.1.1, same with the one on
> sourceforge, aptitude tells me that it's up to date too.
It looks like an issue in libseccomp. I've reported it to libseccomp ml,
but I have no i686 system to reproduce. I'd appreciate if you could
compile the attached select.c and report the output, here or in
seccomp-discuss.
https://sourceforge.net/p/libseccomp/mailman/message/33275762/
regards,
Nikos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: select.c
Type: text/x-csrc
Size: 966 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20150127/4ac3b957/attachment.bin>
More information about the openconnect-devel
mailing list