Acesso à VPN com etoken USB

Esse artigo se destina exclusivamente aos que possuem um etoken USB (conhecido no país também como certificado A3) e desejam se conectar a uma VPN através do seu desktop Linux.

[ Hits: 10.453 ]

Por: Alexandre Valim em 29/04/2022


Problemas



a. Mensagem de erro "Nenhum emissor obtido da PKCS#11"

Caso a tentativa de conexão devolva esta mensagem, então precisará fazer download da cadeia da ICP-Brasil corresponde à Autoridade Certificadora do seu etoken, em seguida, acrescentar o parâmetro dessa forma: --cafile=icpbrasil.crt.

b. Mensagem de erro "Segmentation fault (core dumped)"

Caso a tentativa de conexão devolva esta mensagem - como é meu caso, tanto no Fedora quanto no Ubuntu -, então instale o programa Valgrind e modifique o comando dessa forma:

# valgrind openconnect -c 'pkcs11:model=ePass2003;manufacturer=EnterSafe%00;serial=24[removido];token=Valim;id=%08[removido];object=ALEXANDRE%20VALIM[removido];type=cert' --servercert pin-sha256[removido] --protocol=gp -b portal.org.com.br -u valim@org.com.br

Quando surgir a mensagem "Failed to connect ESP tunnel; using HTTPS instead", então já estará conectado à VPN da sua organização. Observe abaixo o momento em que é solicitado o PIN e a senha. Estando todos os dados corretos, ao final é informado o IP e o PID da conexão.

Em caso de falha, mate o PID e repita o comando.

Exemplo de resultado:

==4018== Memcheck, a memory error detector ==4018== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al. ==4018== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info ==4018== Command: openconnect -c pkcs11:model=ePass2003;manufacturer=EnterSafe%00;serial=24E[removido];token=Valim;id=%08[removido];object=ALEXANDRE%20VALIM[removido];type=cert --servercert pin-sha256[removid] --protocol=gp -b portal.org.com.br -u alex.valim@org.com.br ==4018== POST https://portal[removido]tmp=tmp&clientVer=4100&clientos=Linux Connected to 200.[removido] ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADD93: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375E7B: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376369: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9e2c is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADEBD: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375F03: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376369: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9e1c is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADD93: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375FEC: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x1337639B: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9e2c is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADEBD: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376074: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x1337639B: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9e1c is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADD93: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376151: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133763C4: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9d1c is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADEBD: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133761FB: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133763C4: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9d0c is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADD93: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375D3E: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133763E3: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9e0c is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADEBD: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375DC6: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133763E3: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9dfc is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADD93: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133755D7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375A68: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375C6F: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133768AA: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133586D5: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff95cc is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADEBD: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133756B3: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375749: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375B36: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375C6F: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133768AA: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357C4A: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357AC1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff956c is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADD93: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375E7B: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133762B1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355BF0: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355FB4: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357CF8: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9abc is on thread 1's stack ==4018== ==4018== Syscall param ioctl(USBDEVFS_BULK) points to uninitialised byte(s) ==4018== at 0x4D4F47B: ioctl (in /usr/lib64/libc-2.31.so) ==4018== by 0x133ADEBD: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13375F03: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133762B1: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376781: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133767C7: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13376836: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x133552A2: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355BF0: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355FB4: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13357CF8: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== by 0x13355154: ??? (in /home/valim/util/ePass2003-Castle-20141128/x86_64/redist/libcastle.so.1.0.0) ==4018== Address 0x1ffeff9aac is on thread 1's stack ==4018== PIN required for Valim Enter PIN: ==4018== Conditional jump or move depends on uninitialised value(s) ==4018== at 0x483A7B3: malloc (vg_replace_malloc.c:309) ==4018== by 0x4959616: ??? (in /usr/lib64/libgnutls.so.30.27.0) ==4018== by 0x492D5CD: ??? (in /usr/lib64/libgnutls.so.30.27.0) ==4018== by 0x492D82A: gnutls_privkey_sign_data (in /usr/lib64/libgnutls.so.30.27.0) ==4018== by 0x489BD4A: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x489F021: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x4871B37: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x4890DD1: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x48912EB: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x10D83C: ??? (in /usr/sbin/openconnect) ==4018== by 0x4C7E041: (below main) (in /usr/lib64/libc-2.31.so) ==4018== Using client certificate 'ALEXANDRE VALIM[removido]' Got next CA 'AC SOLUTI Multipla' from PKCS11 Got next CA 'AC SOLUTI' from PKCS11 Got next CA 'Autoridade Certificadora Raiz Brasileira v2' from PKCS11 Private key appears not to support RSA-PSS. Disabling TLSv1.3 ==4018== Conditional jump or move depends on uninitialised value(s) ==4018== at 0x483A7B3: malloc (vg_replace_malloc.c:309) ==4018== by 0x4959616: ??? (in /usr/lib64/libgnutls.so.30.27.0) ==4018== by 0x492D5CD: ??? (in /usr/lib64/libgnutls.so.30.27.0) ==4018== by 0x492D979: gnutls_privkey_sign_data2 (in /usr/lib64/libgnutls.so.30.27.0) ==4018== by 0x4919083: ??? (in /usr/lib64/libgnutls.so.30.27.0) ==4018== by 0x4919442: gnutls_certificate_set_key (in /usr/lib64/libgnutls.so.30.27.0) ==4018== by 0x489C0EE: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x489F021: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x4871B37: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x4890DD1: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x48912EB: ??? (in /usr/lib64/libopenconnect.so.5.5.0) ==4018== by 0x10D83C: ??? (in /usr/sbin/openconnect) ==4018== SSL negotiation with portal[removido] Server certificate verify failed: signer not found Connected to HTTPS on portal[removido] Entre com seu usuário e senha do LDAP Senha: POST https://portal[removido] GlobalProtect login returned authentication-source=AUTH_PROF_VPN_A3 POST https://portal[removido] Session will expire after 43200 minutes. Tunnel timeout (rekey interval) is 180 minutes. Idle timeout is 180 minutes. No MTU received. Calculated 1422 for ESP tunnel POST https://portal[removido] Connected as 10.0.0.42, using SSL, with ESP in progress Continuing in background; pid 4242 ==4018== ==4018== HEAP SUMMARY: ==4018== in use at exit: 573,615 bytes in 2,426 blocks ==4018== total heap usage: 92,924 allocs, 90,498 frees, 16,054,057 bytes allocated ==4018== ==4018== LEAK SUMMARY: ==4018== definitely lost: 18,248 bytes in 138 blocks ==4018== indirectly lost: 23,319 bytes in 401 blocks ==4018== possibly lost: 768 bytes in 2 blocks ==4018== still reachable: 531,280 bytes in 1,885 blocks ==4018== suppressed: 0 bytes in 0 blocks ==4018== Rerun with --leak-check=full to see details of leaked memory ==4018== ==4018== Use --track-origins=yes to see where uninitialised values come from ==4018== For lists of detected and suppressed errors, rerun with: -s ==4018== ERROR SUMMARY: 197 errors from 14 contexts (suppressed: 0 from 0) Failed to connect ESP tunnel; using HTTPS instead.



VERSÕES UTILIZADAS

SO: Fedora 32
  • Kernel: 5.6.14
  • P11tool (gnutls-utils): 3.6.13
  • OpenSC: 0.20.0
  • Openconnect: 8.10
  • Valgrind: 3.15.0

SO: Ubuntu 20.04.4
  • Kernel: 5.13.0
  • P11tool (gnutls-bin): 3.6.13
  • OpenSC: 0.20.0
  • Openconnect: 8.05
  • Valgrind: 3.15.0

FIM.

Página anterior    

Páginas do artigo
   1. Introdução
   2. Identificar dados
   3. Conectar
   4. Problemas
Outros artigos deste autor
Nenhum artigo encontrado.
Leitura recomendada

Zebedee: Criando um túnel seguro entre máquinas

Verificando a velocidade ADSL contratada (Velox)

Integrando Apache 2 com Tomcat 5

Instalação do WordPress no CentOS 7

Monitorando as conversas do MSN com SCANHILL

  
Comentários
[1] Comentário enviado por maurixnovatrento em 05/07/2022 - 22:46h


Muito bacana.

___________________________________________________________
Conhecimento não se Leva para o Túmulo.
https://github.com/mxnt10


Contribuir com comentário




Patrocínio

Site hospedado pelo provedor RedeHost.
Linux banner

Destaques

Artigos

Dicas

Tópicos

Top 10 do mês

Scripts