From owner-freebsd-current@FreeBSD.ORG  Tue Dec  9 16:44:19 2003
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4026216A4D0
	for <current@freebsd.org>; Tue,  9 Dec 2003 16:44:19 -0800 (PST)
Received: from carver.gumbysoft.com (carver.gumbysoft.com [66.220.23.50])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C99EC43D1D
	for <current@freebsd.org>; Tue,  9 Dec 2003 16:44:09 -0800 (PST)
	(envelope-from dwhite@gumbysoft.com)
Received: by carver.gumbysoft.com (Postfix, from userid 1000)
	id 8D54172DBF; Tue,  9 Dec 2003 16:44:09 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
	by carver.gumbysoft.com (Postfix) with ESMTP
	id 88BC172DB8; Tue,  9 Dec 2003 16:44:09 -0800 (PST)
Date: Tue, 9 Dec 2003 16:44:09 -0800 (PST)
From: Doug White <dwhite@gumbysoft.com>
To: Marco Wertejuk <wertejuk@mwcis.com>
In-Reply-To: <20031209225231.GA2133@maeko.hayai.de>
Message-ID: <20031209164343.G25346@carver.gumbysoft.com>
References: <20031209225231.GA2133@maeko.hayai.de>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
cc: current@freebsd.org
Subject: Re: Is racoon known to be broken?
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Dec 2003 00:44:19 -0000

On Tue, 9 Dec 2003, Marco Wertejuk wrote:

> I could not get racoon running even after modifying the
> config file and the same configs are running in 4-Stable.
>
> When running racoon with -F -d it tells about 3DES
> being unsupported, I rebuilt world and my kernel
> to make sure it's not an out of sync problem but
> it persists:

So use a different algorithm.  You have compiled your kernel with 'options
IPSEC', yes?

> INFO: main.c:172:main(): @(#)package version freebsd-20030826a
> INFO: main.c:174:main(): @(#)internal version 20001216 sakane@kame.net
> INFO: main.c:175:main(): @(#)This product linked OpenSSL 0.9.7c 30 Sep 2003 (http://www.openssl.org/)
> DEBUG: pfkey.c:371:pfkey_init(): call pfkey_send_register for AH
> DEBUG: pfkey.c:371:pfkey_init(): call pfkey_send_register for ESP
> DEBUG: pfkey.c:371:pfkey_init(): call pfkey_send_register for IPCOMP
> DEBUG: cftoken.l:578:yycf_set_buffer(): reading config file /usr/local/etc/racoon/racoon.conf
> WARNING: cftoken.l:514:yywarn(): /usr/local/etc/racoon/racoon.conf:66: "support_mip6" it is obsoleted.  use "support_proxy".
> DEBUG: algorithm.c:614:alg_oakley_dhdef(): hmac(modp1024)
> DEBUG: algorithm.c:614:alg_oakley_dhdef(): hmac(modp1024)
> ERROR: pfkey.c:2325:pk_checkalg(): Must get supported algorithms list first.
> ERROR: cftoken.l:494:yyerror(): /usr/local/etc/racoon/racoon.conf:103: ";" algorithm 3DES not supported
> ERROR: cfparse.y:1397:cfparse(): fatal parse failure (1 errors)
>
> Anyone seen this problem before?
>
>

-- 
Doug White                    |  FreeBSD: The Power to Serve
dwhite@gumbysoft.com          |  www.FreeBSD.org