I'm trying to configure OpenSwan, an open source IPsec solution written in C.
I have a script to download a configuration file ipsec.conf on an Amazon Linux EC2 that was created on my Macbook and uploaded to S3.
When I start the ipsec service, it segfaults.
Curiously, if I open the configuration file with VIM, make no changes, and simply write/quit, it works. This lends me to believe somehow the file has some weird characters/formatting.
I know of dos2unix, which I ran on the configuration file but that did not prevent the segfault.
I'm wondering what exactly VIM is doing when I write/quit. I could script that operation on my configuration file after pulling it. Or anything else that would help me understand what's going on.
First, try to open the file with vim, then exit vim (:q) without having saved the file before. If vim says File modified since last complete write; write or use ! to override., this means that this is not something that vim does when write/quit that changes your file, but that this is something that vim does when it opens the file. And this is the most common case.
Vim parses the input file depending on the locale, and if some characters can not be understood according to the locale, vim may forget them. So, when saving the file, those characters will be removed.
Now, use vim to save your file as ipsec-ok.conf.
And run the following command:
bash -c 'diff <(od -xa ipsec.conf) <(od -xa ipsec-ok.conf)'
This will display the differences between the original file and the one that works with OpenSwan. In ascii and hexadecimal formats. This way, you will find the unsupported characters that make OpenSwan dump a core.