From owner-freebsd-user-groups@FreeBSD.ORG Fri May 27 11:18:37 2011 Return-Path: Delivered-To: freebsd-user-groups@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 197D3106566C for ; Fri, 27 May 2011 11:18:37 +0000 (UTC) (envelope-from ramaswamy.bm@globaledgesoft.com) Received: from gesmail.globaledgesoft.com (gesmail.globaledgesoft.com [203.76.137.4]) by mx1.freebsd.org (Postfix) with ESMTP id 058978FC0A for ; Fri, 27 May 2011 11:18:35 +0000 (UTC) Received: from RamaswamySM (ramaswamy_sm.globaledgesoft.com [172.16.8.54]) by gesmail.globaledgesoft.com (Postfix) with ESMTP id 6F184588157 for ; Fri, 27 May 2011 16:35:46 +0530 (IST) From: "ramaswamy" To: References: In-Reply-To: Date: Fri, 27 May 2011 16:34:07 +0530 Message-ID: <00b101cc1c5d$cc86bbe0$659433a0$@bm@globaledgesoft.com> MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AcwcXTt7wYDdz6RVRvuc7Mjoq93dPwAABcKAAAAcUaA= Content-Language: en-us Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Kernel(2.6.23.1-42.fc8) is not identifying the SADB_ACQUIRE(PF_KEY) message to indicate key management failure X-BeenThere: freebsd-user-groups@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User Group Coordination List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 May 2011 11:18:37 -0000 Hi all, I'm receiving the SADB_ACQUIRE message from the kernel to establish the required SA, as i have registered my pfkey socket with the kernel. The Key management in my application is failing to get the require key information from the server, so I'm sending the same SADB_ACQUIRE message to the kernel with same sequence number which have received in the SADB_ACQUIRE message with errno set to ENOENT to indicate the Key management has failed. Here i'm constructing only the base header (struct sadb_msg) as described in the RFC 2367. As per the RFC 2367 it has to return me the SADB_ACQUIRE message with the same errno set. The problem here I'm facing is, the kernel is dropping the message which i have sent to the kernel to indicate the Key management has failed. The Kernel is sending the same (last SADB_ACQUIRE for which key management is failed) SADB_ACQUIRE message with errno set to ZERO. The OS i'm using is Fedora core 8 (2.6.23.1-42.fc8). Is this handled in the above mentioned Linux Kernel version ? can any please let me know what is wrong i'm doing here. It will be very helpful for me. This is code snippet which i'm sending to kernel. /* * send error against acquire message to kenrel. */ int send_acquire_msg_fail(struct acquire *acquire) { struct sadb_msg *newmsg; int len; len = sizeof(struct sadb_msg); newmsg = calloc(1, len); if (newmsg == NULL) { ERROR_RETURN("failed to get buffer to send acquire.\n"); return -1; } memset(newmsg, 0, len); newmsg->sadb_msg_version = PF_KEY_V2; newmsg->sadb_msg_type = SADB_ACQUIRE; newmsg->sadb_msg_errno = ENOENT; newmsg->sadb_msg_satype = SADB_SATYPE_ESP; newmsg->sadb_msg_len = (len/8); newmsg->sadb_msg_reserved = 0; newmsg->sadb_msg_seq = acquire->seq; newmsg->sadb_msg_pid = (u_int32_t)getpid(); /* send message */ if (len != write(pfkey_socket, (void*)msg, len)) { ERROR_RETURN (("SORRY, failed to write the SADB_ACQUIRE message to the kernel\n")); } free(newmsg); return 0; } -- Regards, Ram From owner-freebsd-user-groups@FreeBSD.ORG Fri May 27 11:58:18 2011 Return-Path: Delivered-To: freebsd-user-groups@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CD84D1065673 for ; Fri, 27 May 2011 11:58:18 +0000 (UTC) (envelope-from jhs@berklix.com) Received: from tower.berklix.org (tower.berklix.org [83.236.223.114]) by mx1.freebsd.org (Postfix) with ESMTP id 5A9D98FC18 for ; Fri, 27 May 2011 11:58:18 +0000 (UTC) Received: from park.js.berklix.net (p5DCBECB5.dip.t-dialin.net [93.203.236.181]) (authenticated bits=0) by tower.berklix.org (8.14.2/8.14.2) with ESMTP id p4RBctNE049182; Fri, 27 May 2011 11:38:56 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by park.js.berklix.net (8.13.8/8.13.8) with ESMTP id p4RBclUN015093; Fri, 27 May 2011 13:38:47 +0200 (CEST) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.3/8.14.3) with ESMTP id p4RBcaVf095610; Fri, 27 May 2011 13:38:42 +0200 (CEST) (envelope-from jhs@fire.js.berklix.net) Message-Id: <201105271138.p4RBcaVf095610@fire.js.berklix.net> To: "ramaswamy" From: "Julian H. Stacey" Organization: http://www.berklix.com BSD Unix Linux Consultancy, Munich Germany User-agent: EXMH on FreeBSD http://www.berklix.com/free/ X-URL: http://www.berklix.com In-reply-to: Your message "Fri, 27 May 2011 16:34:07 +0530." <00b101cc1c5d$cc86bbe0$659433a0$@bm@globaledgesoft.com> Date: Fri, 27 May 2011 13:38:36 +0200 Sender: jhs@berklix.com Cc: freebsd-user-groups@freebsd.org Subject: Re: Kernel(2.6.23.1-42.fc8) is not identifying the SADB_ACQUIRE(PF_KEY) message to indicate key management failure X-BeenThere: freebsd-user-groups@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User Group Coordination List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 May 2011 11:58:18 -0000 > Hi all, > I'm receiving the SADB_ACQUIRE message from the kernel to establish the Wrong List ! First run uname -r then decide which of current@freebsd.org hackers@freebsd.org stable@freebsd.org you should repost to. Cheers, Julian -- Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com Mail plain text; Not quoted-printable, Not HTML, Not base 64. Reply below text sections not at top, to avoid breaking cumulative context. UK: Some MPs assert some injunctions obstruct constituent communication & are contempt of parliament. Parliament once sent a judge to the tower. From owner-freebsd-user-groups@FreeBSD.ORG Fri May 27 12:13:50 2011 Return-Path: Delivered-To: freebsd-user-groups@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5F47E106564A for ; Fri, 27 May 2011 12:13:50 +0000 (UTC) (envelope-from jhellenthal@gmail.com) Received: from mail-gy0-f182.google.com (mail-gy0-f182.google.com [209.85.160.182]) by mx1.freebsd.org (Postfix) with ESMTP id 07B738FC15 for ; Fri, 27 May 2011 12:13:49 +0000 (UTC) Received: by gyg13 with SMTP id 13so861972gyg.13 for ; Fri, 27 May 2011 05:13:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:sender:date:from:to:cc:subject:message-id :reply-to:references:mime-version:content-type:content-disposition :in-reply-to:x-openpgp-key-id:x-openpgp-key-fingerprint :x-openpgp-key-url; bh=t2Ou29q8Hvs9doOlOcxj/9NriFlNMRzisOBASf6Q+28=; b=o5B+74aVLGyoQ8/1a7ldMjfWO1wIuO9n6ImiopIfZqTbYTHTtoIhrRMXMj8ApVEJyj 4iVOOwBVXa/DJ2JPuz/yRVcknuYp5ouMZkU718gg8jJjXgTUsJQWlmJmwHCuo4u3iucE pjfg6TOD//FKx93vX6G4+OcTYCRvmtX+EHiQI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:date:from:to:cc:subject:message-id:reply-to:references :mime-version:content-type:content-disposition:in-reply-to :x-openpgp-key-id:x-openpgp-key-fingerprint:x-openpgp-key-url; b=PsIXCl9/VIOGqLI3uLW8C0Gxe8bGNCRjSICN9vV2Q8NSg34hL/65w8epcgbbF/kKDr WeGQLlR4+ZTVHtv8qh9HnGZdG7hQCxN6ssCFNt8auesD9cF6+JoKnCK/cVZPEEyZQ43h 57bkG3gnRaKW2K6749qZ+d9drCoQ6DZFoz3Y8= Received: by 10.236.170.225 with SMTP id p61mr2766891yhl.231.1306497005502; Fri, 27 May 2011 04:50:05 -0700 (PDT) Received: from DataIX.net (adsl-99-19-42-166.dsl.klmzmi.sbcglobal.net [99.19.42.166]) by mx.google.com with ESMTPS id v44sm309270yhl.27.2011.05.27.04.50.02 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 27 May 2011 04:50:03 -0700 (PDT) Sender: "J. Hellenthal" Received: from DataIX.net (localhost [127.0.0.1]) by DataIX.net (8.14.4/8.14.4) with ESMTP id p4RBnxrj031918 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 27 May 2011 07:49:59 -0400 (EDT) (envelope-from jhell@DataIX.net) Received: (from jhell@localhost) by DataIX.net (8.14.4/8.14.4/Submit) id p4RBnxhA031917; Fri, 27 May 2011 07:49:59 -0400 (EDT) (envelope-from jhell@DataIX.net) Date: Fri, 27 May 2011 07:49:59 -0400 From: Jason Hellenthal To: ramaswamy Message-ID: <20110527114958.GA30970@DataIX.net> References: <00b101cc1c5d$cc86bbe0$659433a0$@bm@globaledgesoft.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="uAKRQypu60I7Lcqm" Content-Disposition: inline In-Reply-To: <00b101cc1c5d$cc86bbe0$659433a0$@bm@globaledgesoft.com> X-OpenPGP-Key-Id: 0x89D8547E X-OpenPGP-Key-Fingerprint: 85EF E26B 07BB 3777 76BE B12A 9057 8789 89D8 547E X-OpenPGP-Key-URL: http://bit.ly/0x89D8547E Cc: freebsd-user-groups@freebsd.org Subject: Re: Kernel(2.6.23.1-42.fc8) is not identifying the SADB_ACQUIRE(PF_KEY) message to indicate key management failure X-BeenThere: freebsd-user-groups@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: jhell@DataIX.net List-Id: User Group Coordination List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 May 2011 12:13:50 -0000 --uAKRQypu60I7Lcqm Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable ramaswamy, Sadly this is not a FreeBSD issue while this is a FreeBSD User Group. Please check up with your linux user mailling list. On Fri, May 27, 2011 at 04:34:07PM +0530, ramaswamy wrote: > Hi all, >=20 > =20 >=20 > I'm receiving the SADB_ACQUIRE message from the kernel to establish the > required SA, as i have registered my pfkey socket with the kernel.=20 >=20 > The Key management in my application is failing to get the require key > information from the server, so I'm sending the same SADB_ACQUIRE message= to > the kernel with same sequence number which have received in the SADB_ACQU= IRE > message with errno set to ENOENT to indicate the Key management has faile= d.=20 >=20 > =20 >=20 > Here i'm constructing only the base header (struct sadb_msg) as described= in > the RFC 2367. As per the RFC 2367 it has to return me the SADB_ACQUIRE > message with the same errno set.=20 >=20 > =20 >=20 > The problem here I'm facing is, the kernel is dropping the message which i > have sent to the kernel to indicate the Key management has failed. The > Kernel is sending the same (last SADB_ACQUIRE for which key management is > failed) SADB_ACQUIRE message with errno set to ZERO. The OS i'm using is > Fedora core 8 (2.6.23.1-42.fc8). >=20 > =20 >=20 > Is this handled in the above mentioned Linux Kernel version ? >=20 > =20 >=20 > can any please let me know what is wrong i'm doing here. It will be very > helpful for me. >=20 > =20 >=20 > This is code snippet which i'm sending to kernel. >=20 > =20 >=20 > /* >=20 > * send error against acquire message to kenrel. >=20 > */ >=20 > int >=20 > send_acquire_msg_fail(struct acquire *acquire) >=20 > { >=20 > struct sadb_msg *newmsg; >=20 > int len; >=20 > =20 >=20 > len =3D sizeof(struct sadb_msg); >=20 > newmsg =3D calloc(1, len); >=20 > if (newmsg =3D=3D NULL) { >=20 > ERROR_RETURN("failed to get buffer to send acquire.\n"); >=20 > return -1; >=20 > } >=20 > =20 >=20 > memset(newmsg, 0, len); >=20 > newmsg->sadb_msg_version =3D PF_KEY_V2; =20 >=20 > newmsg->sadb_msg_type =3D SADB_ACQUIRE; >=20 > newmsg->sadb_msg_errno =3D ENOENT; =20 >=20 > newmsg->sadb_msg_satype =3D SADB_SATYPE_ESP; >=20 > newmsg->sadb_msg_len =3D (len/8); >=20 > newmsg->sadb_msg_reserved =3D 0; >=20 > newmsg->sadb_msg_seq =3D acquire->seq; >=20 > newmsg->sadb_msg_pid =3D (u_int32_t)getpid(); >=20 > =20 >=20 > /* send message */ >=20 > if (len !=3D write(pfkey_socket, (void*)msg, len)) { >=20 > ERROR_RETURN (("SORRY, failed to write the SADB_ACQUIRE message= to > the kernel\n")); >=20 > } >=20 > free(newmsg); >=20 > return 0; >=20 > } >=20 > =20 >=20 > --=20 >=20 > Regards, >=20 > Ram >=20 > =20 >=20 > _______________________________________________ > freebsd-user-groups@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-user-groups > To unsubscribe, send any mail to "freebsd-user-groups-unsubscribe@freebsd= =2Eorg" --=20 "Unity can only be manifested by the Binary. Unity itself and the idea of U= nity are already two." -- Buddha Regards, (jhell) Jason Hellenthal --uAKRQypu60I7Lcqm Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (FreeBSD) Comment: http://bit.ly/0x89D8547E iQEcBAEBAgAGBQJN34/mAAoJEJBXh4mJ2FR+M7QH/0ysdnWMlLaCSsfrbZFbMnHx RDlTHGYxGWSDsh9d0CPfkg1RYj0507Qyp/6wnBlfabAOzwVkb+9CaYgdoBJ4GzXZ DR6QFV4/TzEPLgQt8YNCEHQQAK6efsFeu6S6GFNXE0R6zFSxw5mw7yHy8AogO0Hz HcYROWnew8j9lYhs1+TtW8O/zcYNgF+lLRhkL8svKXw4/sR1XrvfvzOM6SL/UZiY GlwqqMv8WHq8rlURkBScX6D5bsC0d9QLQove6L2E9T1MON97GKp+KvSJK7oxkTCe Sh8tRaxFC/OeKU40ZuIvB423GfW6mSV/hK0c8o0kpnt4bR80Y1uU/BHzgnhrQkk= =ARjG -----END PGP SIGNATURE----- --uAKRQypu60I7Lcqm--