IPSec broken in -current
Hannes Mehnert
hannes at mehnert.org
Sun Jun 6 02:53:22 GMT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I have a FreeBSD-CURRENT from Fri Jun 4 17:24:01 CEST 2004 where IPSec
is broken:
I tried IPSEC & IPSEC_ESP (kame stack) as well as FAST_IPSEC and always
get the following error during phase2 (output from racoon):
DEBUG: oakley.c:436:oakley_compute_keymat(): KEYMAT computed.
DEBUG: isakmp_quick.c:649:quick_i2send(): call pk_sendupdate
DEBUG: algorithm.c:513:alg_ipsec_encdef(): encription(rijndael)
DEBUG: algorithm.c:556:alg_ipsec_hmacdef(): hmac(hmac_sha1)
DEBUG: pfkey.c:1061:pk_sendupdate(): call pfkey_send_update
ERROR: pfkey.c:1076:pk_sendupdate(): libipsec failed send update
(No buffer space available)
ERROR: isakmp_quick.c:651:quick_i2send(): pfkey update failed.
ERROR: isakmp.c:750:quick_main(): failed to process packet.
anyone has seen this?
kernel + world from 20040310 work fine with same config and racoon.
I recompiled racoon-20040408a with the new world.
Full racoon log, dmesg, kernel config,... is available on request.
Regards,
Hannes Mehnert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
iD8DBQFAwocJRcuNlziBjRwRAjOpAJ9UruylB9zbd1oDEtQtLB6ALLAaswCgi+ga
mMFhEh6yZuBnxB409sT9XOg=
=VuYB
-----END PGP SIGNATURE-----
More information about the freebsd-current
mailing list