[Bug 263379] [regression] [ipsec] compatibility broken between stable/12 and stable/13 opencrypto in AEAD mode
Date: Tue, 19 Apr 2022 17:24:58 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263379
--- Comment #11 from Eugene Grosbein <eugen@freebsd.org> ---
(In reply to John Baldwin from comment #10)
Thank you very much. I've found that EINVAL is also returned if I forget to
kldload ipsec.ko. Pilot error.
OTOH, maybe it is time for our setkey(8) to kldload ipsec.ko automatically just
like ifconfig(8) loads needed modules. We have ipsec.ko in all supported
branches (since 11.1-RELEASE).
Something like this maybe?
--- sbin/setkey.c.orig 2022-02-04 20:36:27.627040000 +0000
+++ sbin/setkey.c 2022-04-19 17:22:46.193421000 +0000
@@ -34,6 +34,8 @@
#include <sys/types.h>
#include <sys/param.h>
+#include <sys/linker.h>
+#include <sys/module.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <err.h>
@@ -102,6 +104,17 @@ usage()
exit(1);
}
+static int
+modload(const char *name)
+{
+ if (modfind(name) < 0)
+ if (kldload(name) < 0 || modfind(name) < 0) {
+ warn("%s: module not found", name);
+ return 0;
+ }
+ return 1;
+}
+
int
main(ac, av)
int ac;
@@ -167,6 +180,7 @@ main(ac, av)
}
}
+ modload("ipsec");
so = pfkey_open();
if (so < 0) {
perror("pfkey_open");
--
You are receiving this mail because:
You are on the CC list for the bug.