Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 9 Dec 2003 16:44:09 -0800 (PST)
From:      Doug White <dwhite@gumbysoft.com>
To:        Marco Wertejuk <wertejuk@mwcis.com>
Cc:        current@freebsd.org
Subject:   Re: Is racoon known to be broken?
Message-ID:  <20031209164343.G25346@carver.gumbysoft.com>
In-Reply-To: <20031209225231.GA2133@maeko.hayai.de>
References:  <20031209225231.GA2133@maeko.hayai.de>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Tue, 9 Dec 2003, Marco Wertejuk wrote:

> I could not get racoon running even after modifying the
> config file and the same configs are running in 4-Stable.
>
> When running racoon with -F -d it tells about 3DES
> being unsupported, I rebuilt world and my kernel
> to make sure it's not an out of sync problem but
> it persists:

So use a different algorithm.  You have compiled your kernel with 'options
IPSEC', yes?

> INFO: main.c:172:main(): @(#)package version freebsd-20030826a
> INFO: main.c:174:main(): @(#)internal version 20001216 sakane@kame.net
> INFO: main.c:175:main(): @(#)This product linked OpenSSL 0.9.7c 30 Sep 2003 (http://www.openssl.org/)
> DEBUG: pfkey.c:371:pfkey_init(): call pfkey_send_register for AH
> DEBUG: pfkey.c:371:pfkey_init(): call pfkey_send_register for ESP
> DEBUG: pfkey.c:371:pfkey_init(): call pfkey_send_register for IPCOMP
> DEBUG: cftoken.l:578:yycf_set_buffer(): reading config file /usr/local/etc/racoon/racoon.conf
> WARNING: cftoken.l:514:yywarn(): /usr/local/etc/racoon/racoon.conf:66: "support_mip6" it is obsoleted.  use "support_proxy".
> DEBUG: algorithm.c:614:alg_oakley_dhdef(): hmac(modp1024)
> DEBUG: algorithm.c:614:alg_oakley_dhdef(): hmac(modp1024)
> ERROR: pfkey.c:2325:pk_checkalg(): Must get supported algorithms list first.
> ERROR: cftoken.l:494:yyerror(): /usr/local/etc/racoon/racoon.conf:103: ";" algorithm 3DES not supported
> ERROR: cfparse.y:1397:cfparse(): fatal parse failure (1 errors)
>
> Anyone seen this problem before?
>
>

-- 
Doug White                    |  FreeBSD: The Power to Serve
dwhite@gumbysoft.com          |  www.FreeBSD.org

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031209164343.G25346>