theinvisible / openfortigui

VPN-GUI to connect to Fortigate-Hardware, based on openfortivpn
https://hadler.me/linux/openfortigui/
GNU General Public License v3.0

0.9.9 segfault at 12d0 #201

Open edmundlaugasson opened 6 months ago

edmundlaugasson commented 6 months ago

using:
openfortigui 0.9.9-3 https://aur.archlinux.org/packages/openfortigui
openfortivpn 1.21.0-1 https://archlinux.org/packages/extra/x86_64/openfortivpn/

When trying to connect:

Error: Authentication failed, please check your username/password/cert/otp!
Detail:
Error: 80F8D57C0D770000:error:1C800064:Provider routines:ossl_cipher_unpadblock:bad decrypt:providers/implementations/ciphers/ciphercommon_block.c:107:
INFO:   Start tunnel.
INFO:   Connected to gateway.
ERROR:  Could not authenticate to gateway (No cookie given).
INFO:   Closed connection to gateway.
INFO:   Logged out.

... even though the credentials and certificate are correct.

openfortigui's own log file says:

ERROR: Gateway certificate validation failed, and the certificate digest is not in the local whitelist. If you trust it, rerun with --trusted-cert ...

but there is no way to give that trusted-cert parameter to openfortigui. I also tried the trust-any-certificate option, but this didn't help either, I guess because of that segfault. Besides, the profile file contained the trustedcert variable but openfortigui seemed to ignore it, I guess because of that segfault:

~/.openfortigui/vpnprofiles/profile.conf

[cert]
ca_file=
trust_all_gw_certs=false
trusted_cert=xxxxx
user_cert=
user_key=
verify_cert=false

[options]
always_ask_otp=false
autostart=false
debug=false
half_internet_routers=false
insecure_ssl=false
min_tls=Default
otp_delay=0
otp_prompt=
pppd_call=
pppd_ifname=
pppd_ipparam=
pppd_log_file=
pppd_no_peerdns=false
pppd_plugin_file=
realm=
seclevel1=false
set_dns=false
set_routes=true

[vpn]
device_type=0
gateway_host=xxxxx
gateway_port=xxxxx
name=xxxxx
password="xxxxx"
persistent=false
username=xxxxx

also ~/.openfortigui/main.conf:

[checks]
sudopresenv=false

[gui]
connect_on_dblclick=false
disable_notifications=false
main_toolbar_location=4

[main]
aesiv=
aeskey=
changelogrev_read=22
debug=true
disallow_unsecure_certificates=false
setupwizard=true
start_minimized=true
sudo_preserve_env=true
use_system_password_store=false

[paths]
globalvpnprofiles=/etc/openfortigui/vpnprofiles
initd=/etc/init.d/openfortigui
localvpngroups=~/.openfortigui/vpngroups
localvpnprofiles=~/.openfortigui/vpnprofiles
logs=~/.openfortigui/logs

When checked with journalctl -f, while connecting:

March 18 14:34:58 host kernel: openfortigui[9561]: segfault at 12d0 ip 000060c5a898ef1d sp 00007ffd0f71a2f0 error 4 in openfortigui[60c5a8964000+59000] likely on CPU 7 (core 3, socket 0)
March 18 14:34:58 host kernel: Code: 80 7f 20 00 0f 85 a3 00 00 00 48 89 ef ff 15 02 06 0b 00 48 8b 43 28 48 85 c0 74 33 48 83 7b 20 00 74 2c 48 8b 40 10 48 89 c7 <ff> 90 b8 12 00 00 48 8b 7b 20 ff 15 6b 0b 0b 00 bf 02 00 00 00 ff
March 18 14:34:58 host systemd[1]: Started Process Core Dump (PID 9563/UID 0).
March 18 14:34:59 host systemd-coredump[9564]: Resource limits disable core dumping for process 9561 (openfortigui).
March 18 14:34:59 host systemd-coredump[9564]: [🡕] Process 9561 (openfortigui) of user 0 terminated abnormally without generating a coredump.
March 18 14:34:59 host systemd[1]: systemd-coredump@19-9563-0.service: Deactivated successfully.
March 18 14:34:59 host sudo[9559]: pam_unix(sudo:session): session closed for user root

This message repeated every time I tried to connect.

At the same time, I could connect successfully via the CLI using openfortivpn to the same host, using the same parameters:

set-routes = 1
set-dns = 0
pppd-use-peerdns = 0

I also tested /etc/ppp/options with either ipcp-accept-remote (worked earlier) or ipcp-accept-local; neither helped this time, I guess because of the segfault described above. This is related to this issue.

System at this time: EndeavourOS with KDE 6.0.2 (Qt 6.6.2) kernel 6.7.9 Graphics: X11

edmundlaugasson commented 6 months ago

The same issue persists with v0.9.10-1

lukas-fichtner commented 2 months ago

Not sure if this is a similar problem, but I have had this segfault (at random times) for a few days with v0.9.10-1:

openfortigui[1150963]: segfault at e ip 00007fca115c093b sp 00007fff0cc56db0 error 4 in libQt5Core.so.5.15.3[7fca11540000+30f000]
Code: 31 d2 be 08 00 00 00 e8 43 9b fc ff 48 89 03 48 89 c7 48 63 47 04 48 8b 57 10 48 c1 e0 04 48 8d 44 10 f0 48 8d 1c 07 48 8b 0b <8b> 01 83 f8 01 76 0b 48 89 df e8 66 ef ff ff 48 8b 0b 8b 01 83 f8
# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 22.04.4 LTS
Release:    22.04
Codename:   jammy

# uname -r 
5.15.0-113-generic

# apt show libqt5core5a
Package: libqt5core5a
Version: 5.15.3+dfsg-2ubuntu0.2
Priority: optional
Section: universe/libs
Source: qtbase-opensource-src
Origin: Ubuntu
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Original-Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 6.145 kB
Provides: qtbase-abi-5-15-3
Depends: shared-mime-info, libc6 (>= 2.35), libdouble-conversion3 (>= 2.0.0), libgcc-s1 (>= 3.4), libglib2.0-0 (>= 2.22.0), libicu70 (>= 70.1-1~), libpcre2-16-0 (>= 10.22), libstdc++6 (>= 11), libzstd1 (>= 1.4.0), zlib1g (>= 1:1.1.4)
Recommends: qttranslations5-l10n
Suggests: libthai0
Breaks: libqt5scintilla2-12v5 (<< 2.9.2+dfsg-2~), libqtcore4 (<< 4:4.8.7+dfsg-20~)
Replaces: libqtcore4 (<< 4:4.8.7+dfsg-20~)
Homepage: https://www.qt.io/developers/
Task: kubuntu-desktop, lubuntu-desktop, ubuntustudio-desktop-core, ubuntustudio-desktop, ubuntukylin-desktop, ubuntu-mate-core, ubuntu-mate-desktop
Download-Size: 2.006 kB
APT-Manual-Installed: yes
APT-Sources: http://de.archive.ubuntu.com/ubuntu jammy-updates/universe amd64 Packages
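
Added example, not part of the thread and not openfortigui code: a small parser for the kernel "segfault at" lines quoted in both reports, which decodes the page-fault error code and computes where inside the named object the faulting instruction sits. The sample lines are copied from this page; the `NEAR_NULL` cut-off and the function names are assumptions made for the example.

```python
import re

# Constructed input: the two kernel segfault lines quoted in this thread.
SAMPLES = [
    "openfortigui[9561]: segfault at 12d0 ip 000060c5a898ef1d sp 00007ffd0f71a2f0 "
    "error 4 in openfortigui[60c5a8964000+59000] likely on CPU 7 (core 3, socket 0)",
    "openfortigui[1150963]: segfault at e ip 00007fca115c093b sp 00007fff0cc56db0 "
    "error 4 in libQt5Core.so.5.15.3[7fca11540000+30f000]",
]

SEGV = re.compile(
    r"(?P<comm>\S+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>[0-9a-f]+)"
    r"(?: in (?P<obj>[^\[\s]+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\])?"
)

NEAR_NULL = 0x10000  # assumption: heuristic cut-off (common vm.mmap_min_addr default)


def decode_error(err):
    """Split the x86 page-fault error code into its low flag bits."""
    return {
        "protection": bool(err & 0x1),    # clear: the page was not mapped at all
        "write": bool(err & 0x2),         # clear: the access was a read
        "user": bool(err & 0x4),          # set: fault raised in user mode
        "instr_fetch": bool(err & 0x10),  # set: fault on instruction fetch
    }


def triage(line):
    """Parse one kernel segfault line; return None if it does not match."""
    m = SEGV.search(line)
    if m is None:
        return None
    addr, ip, err = (int(m[k], 16) for k in ("addr", "ip", "err"))
    out = {"comm": m["comm"], "pid": int(m["pid"]), "fault_addr": addr,
           "near_null": addr < NEAR_NULL, "object": m["obj"], "offset": None}
    out.update(decode_error(err))
    if m["obj"] is not None:
        base, size = int(m["base"], 16), int(m["size"], 16)
        # Offset of the faulting instruction inside the mapped region, only
        # meaningful when ip really lies inside [base, base + size).
        if base <= ip < base + size:
            out["offset"] = ip - base
    return out


if __name__ == "__main__":
    for s in SAMPLES:
        r = triage(s)
        print(r["object"], hex(r["offset"]), "near-NULL" if r["near_null"] else "")
```

The offset is relative to the start of the mapped region the kernel names, which is usually the executable segment rather than the start of the file, so it has to be adjusted by that segment's offset (see `readelf -lW`) before it is used with `addr2line -e`.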