Acesso à VPN com etoken USB
Esse artigo se destina exclusivamente aos que possuem um etoken USB (conhecido no país também como certificado A3) e desejam se conectar a uma VPN através do seu desktop Linux.
[ Hits: 15.169 ]
Por: Alexandre Valim em 29/04/2022
Problemas
a. Mensagem de erro "Nenhum emissor obtido da PKCS#11"
Caso a tentativa de conexão devolva esta mensagem, então precisará fazer download da cadeia da ICP-Brasil corresponde à Autoridade Certificadora do seu etoken, em seguida, acrescentar o parâmetro dessa forma: --cafile=icpbrasil.crt.
b. Mensagem de erro "Segmentation fault (core dumped)"
Caso a tentativa de conexão devolva esta mensagem - como é meu caso, tanto no Fedora quanto no Ubuntu -, então instale o programa Valgrind e modifique o comando dessa forma:
# valgrind openconnect -c 'pkcs11:model=ePass2003;manufacturer=EnterSafe%00;serial=24[removido];token=Valim;id=%08[removido];object=ALEXANDRE%20VALIM[removido];type=cert' --servercert pin-sha256[removido] --protocol=gp -b portal.org.com.br -u valim@org.com.br
Quando surgir a mensagem "Failed to connect ESP tunnel; using HTTPS instead", então já estará conectado à VPN da sua organização. Observe abaixo o momento em que é solicitado o PIN e a senha. Estando todos os dados corretos, ao final é informado o IP e o PID da conexão.
Em caso de falha, mate o PID e repita o comando.
Exemplo de resultado:
SO: Ubuntu 20.04.4
FIM.
Caso a tentativa de conexão devolva esta mensagem, então precisará fazer download da cadeia da ICP-Brasil corresponde à Autoridade Certificadora do seu etoken, em seguida, acrescentar o parâmetro dessa forma: --cafile=icpbrasil.crt.
b. Mensagem de erro "Segmentation fault (core dumped)"
Caso a tentativa de conexão devolva esta mensagem - como é meu caso, tanto no Fedora quanto no Ubuntu -, então instale o programa Valgrind e modifique o comando dessa forma:
# valgrind openconnect -c 'pkcs11:model=ePass2003;manufacturer=EnterSafe%00;serial=24[removido];token=Valim;id=%08[removido];object=ALEXANDRE%20VALIM[removido];type=cert' --servercert pin-sha256[removido] --protocol=gp -b portal.org.com.br -u valim@org.com.br
Quando surgir a mensagem "Failed to connect ESP tunnel; using HTTPS instead", então já estará conectado à VPN da sua organização. Observe abaixo o momento em que é solicitado o PIN e a senha. Estando todos os dados corretos, ao final é informado o IP e o PID da conexão.
Em caso de falha, mate o PID e repita o comando.
Exemplo de resultado:
==4018== Memcheck, a memory error detector ==4018== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al. ==4018== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info ==4018== Command: openconnect -c pkcs11:model=ePass2003;manufacturer=EnterSafe%00;serial=24E[removido];token=Valim;id=%08[removido];object=ALEXANDRE%20VALIM[removido];type=cert --servercert pin-sha256[removid] --protocol=gp -b portal.org.com.br -u alex.valim@org.com.br ==4018== POST https://portal[removido]tmp=tmp&clientVer=4100&clientos=Linux Connected to 200.[removido] ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADD93: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375E7B: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376369: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9e2c is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADEBD: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375F03: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376369: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9e1c is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADD93: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375FEC: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x1337639B: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9e2c is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADEBD: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376074: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x1337639B: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9e1c is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADD93: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376151: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133763C4: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9d1c is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADEBD: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133761FB: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133763C4: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9d0c is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADD93: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375D3E: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133763E3: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9e0c is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADEBD: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375DC6: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133763E3: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9dfc is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADD93: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133755D7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375A68: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375C6F: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133768AA: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133586D5: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff95cc is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADEBD: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133756B3: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375749: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375B36: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375C6F: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133768AA: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff956c is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADD93: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375E7B: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133762B1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355BF0: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355FB4: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357CF8: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9abc is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADEBD: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375F03: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133762B1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355BF0: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355FB4: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357CF8: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9aac is on thread 1's stack ==4018== PIN required for Valim Enter PIN: ==4018== Conditional jump or move depends on uninitialised value(s) ==4018== at 0x483A7B3: malloc (vg_replace_malloc.c:309) ==4018== by 0x4959616: ??? (in /usr/lib64/libgnutls.so.30.27.0) ==4018== by 0x492D5CD: ??? (in /usr/lib64/libgnutls.so.30.27.0) ==4018== by 0x492D82A: gnutls_privkey_sign_data (in /usr/lib64/libgnutls.so.30.27.0) ==4018== by 0x489BD4A: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x489F021: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x4871B37: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x4890DD1: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x48912EB: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x10D83C: ??? (in /usr/sbin/openconnect) ==4018== by 0x4C7E041: (below main) (in /usr/lib64/libc-2.31.so) ==4018== Using client certificate 'ALEXANDRE VALIM[removido]' Got next CA 'AC SOLUTI Multipla' from PKCS11 Got next CA 'AC SOLUTI' from PKCS11 Got next CA 'Autoridade Certificadora Raiz Brasileira v2' from PKCS11 Private key appears not to support RSA-PSS. Disabling TLSv1.3 ==4018== Conditional jump or move depends on uninitialised value(s) ==4018== at 0x483A7B3: malloc (vg_replace_malloc.c:309) ==4018== by 0x4959616: ??? (in /usr/lib64/libgnutls.so.30.27.0) ==4018== by 0x492D5CD: ??? (in /usr/lib64/libgnutls.so.30.27.0) ==4018== by 0x492D979: gnutls_privkey_sign_data2 (in /usr/lib64/libgnutls.so.30.27.0) ==4018== by 0x4919083: ??? (in /usr/lib64/libgnutls.so.30.27.0) ==4018== by 0x4919442: gnutls_certificate_set_key (in /usr/lib64/libgnutls.so.30.27.0) ==4018== by 0x489C0EE: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x489F021: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x4871B37: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x4890DD1: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x48912EB: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x10D83C: ??? (in /usr/sbin/openconnect) ==4018== SSL negotiation with portal[removido] Server certificate verify failed: signer not found Connected to HTTPS on portal[removido] Entre com seu usuário e senha do LDAP Senha: POST https://portal[removido] GlobalProtect login returned authentication-source=AUTH_PROF_VPN_A3 POST https://portal[removido] Session will expire after 43200 minutes. Tunnel timeout (rekey interval) is 180 minutes. Idle timeout is 180 minutes. No MTU received. Calculated 1422 for ESP tunnel POST https://portal[removido] Connected as 10.0.0.42, using SSL, with ESP in progress Continuing in background; pid 4242 ==4018== ==4018== HEAP SUMMARY: ==4018== in use at exit: 573,615 bytes in 2,426 blocks ==4018== total heap usage: 92,924 allocs, 90,498 frees, 16,054,057 bytes allocated ==4018== ==4018== LEAK SUMMARY: ==4018== definitely lost: 18,248 bytes in 138 blocks ==4018== indirectly lost: 23,319 bytes in 401 blocks ==4018== possibly lost: 768 bytes in 2 blocks ==4018== still reachable: 531,280 bytes in 1,885 blocks ==4018== suppressed: 0 bytes in 0 blocks ==4018== Rerun with --leak-check=full to see details of leaked memory ==4018== ==4018== Use --track-origins=yes to see where uninitialised values come from ==4018== For lists of detected and suppressed errors, rerun with: -s ==4018== ERROR SUMMARY: 197 errors from 14 contexts (suppressed: 0 from 0) Failed to connect ESP tunnel; using HTTPS instead.
VERSÕES UTILIZADAS
SO: Fedora 32- Kernel: 5.6.14
- P11tool (gnutls-utils): 3.6.13
- OpenSC: 0.20.0
- Openconnect: 8.10
- Valgrind: 3.15.0
SO: Ubuntu 20.04.4
- Kernel: 5.13.0
- P11tool (gnutls-bin): 3.6.13
- OpenSC: 0.20.0
- Openconnect: 8.05
- Valgrind: 3.15.0
FIM.
Páginas do artigo
1. Introdução2. Identificar dados
3. Conectar
4. Problemas
Outros artigos deste autor
Nenhum artigo encontrado.
Leitura recomendada
Warsaw no Fedora 28 funcionando - Internet Banking
MSN-proxy no OpenSUSE 11.2 como guest em vmware em Windows Server 2008
Mascarando conexões VPN com iptables
Configuração e balanceamento de 2 links com Vivo ZAP
Comentários
[1] Comentário enviado por maurixnovatrento em 05/07/2022 - 22:46h
Muito bacana.
___________________________________________________________
Conhecimento não se Leva para o Túmulo.
https://github.com/mxnt10
Muito bacana.
___________________________________________________________
Conhecimento não se Leva para o Túmulo.
https://github.com/mxnt10
Patrocínio
Site hospedado pelo provedor RedeHost.
Destaques
Artigos
IA Turbina o Desktop Linux enquanto distros renovam forças
Como extrair chaves TOTP 2FA a partir de QRCODE (Google Authenticator)
Linux em 2025: Segurança prática para o usuário
Desktop Linux em alta: novos apps, distros e privacidade marcam o sábado
IA chega ao desktop e impulsiona produtividade no mundo Linux
Dicas
Atualizando o Fedora 42 para 43
Como saber se o seu e-mail já teve a senha vazada?
Como descobrir se a sua senha já foi vazada na internet?
Tópicos
Instalação dualboot Windows 11 e Debian 13 (0)
Programa fora de escala na tela do pc (33)
Eu queria adicionar a incon do wifi e deixa transparente no fluxbox no... (0)
Top 10 do mês
-
Xerxes
1° lugar - 109.215 pts -
Fábio Berbert de Paula
2° lugar - 84.735 pts -
Alberto Federman Neto.
3° lugar - 26.383 pts -
Mauricio Ferrari
4° lugar - 24.015 pts -
edps
5° lugar - 23.558 pts -
Alessandro de Oliveira Faria (A.K.A. CABELO)
6° lugar - 23.089 pts -
Buckminster
7° lugar - 22.226 pts -
Andre (pinduvoz)
8° lugar - 19.740 pts -
Daniel Lara Souza
9° lugar - 19.696 pts -
Juliao Junior
10° lugar - 16.209 pts
Scripts
A maior comunidade GNU/Linux da América Latina! Artigos, dicas, tutoriais, fórum, scripts e muito mais. Ideal para quem busca auto-ajuda.
Site hospedado por:
