Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 6 Jun 2004 04:53:01 +0200
From:      Hannes Mehnert <hannes@mehnert.org>
To:        current@freebsd.org
Subject:   IPSec broken in -current
Message-ID:  <20040606025301.GB41345@mehnert.org>

next in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I have a FreeBSD-CURRENT from Fri Jun  4 17:24:01 CEST 2004 where IPSec
is broken:

I tried IPSEC & IPSEC_ESP (kame stack) as well as FAST_IPSEC and always
get the following error during phase2 (output from racoon):
DEBUG: oakley.c:436:oakley_compute_keymat(): KEYMAT computed.
DEBUG: isakmp_quick.c:649:quick_i2send(): call pk_sendupdate
DEBUG: algorithm.c:513:alg_ipsec_encdef(): encription(rijndael)
DEBUG: algorithm.c:556:alg_ipsec_hmacdef(): hmac(hmac_sha1)
DEBUG: pfkey.c:1061:pk_sendupdate(): call pfkey_send_update
ERROR: pfkey.c:1076:pk_sendupdate(): libipsec failed send update
       (No buffer space available)
ERROR: isakmp_quick.c:651:quick_i2send(): pfkey update failed.
ERROR: isakmp.c:750:quick_main(): failed to process packet.

anyone has seen this?

kernel + world from 20040310 work fine with same config and racoon.

I recompiled racoon-20040408a with the new world.

Full racoon log, dmesg, kernel config,... is available on request.

Regards,

Hannes Mehnert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)

iD8DBQFAwocJRcuNlziBjRwRAjOpAJ9UruylB9zbd1oDEtQtLB6ALLAaswCgi+ga
mMFhEh6yZuBnxB409sT9XOg=
=VuYB
-----END PGP SIGNATURE-----



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040606025301.GB41345>