From owner-freebsd-questions@FreeBSD.ORG  Mon Jun 27 09:47:28 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 60C6016A41C
	for <freebsd-questions@freebsd.org>;
	Mon, 27 Jun 2005 09:47:28 +0000 (GMT)
	(envelope-from szabszi@goodwill.hu)
Received: from goodwill.hu (goodwill.dyndns.ws [81.182.246.121])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E519943D4C
	for <freebsd-questions@freebsd.org>;
	Mon, 27 Jun 2005 09:47:27 +0000 (GMT)
	(envelope-from szabszi@goodwill.hu)
Received: from 201-246-182-81.adsl-fixip.axelero.hu ([81.182.246.201]
	helo=[192.168.1.2]) by goodwill.hu with esmtpa (Exim 4.51 (FreeBSD))
	id 1Dmq8t-0009yL-6v
	for freebsd-questions@freebsd.org; Mon, 27 Jun 2005 11:43:07 +0200
Message-ID: <42BFC9D4.4060303@goodwill.hu>
Date: Mon, 27 Jun 2005 11:41:40 +0200
From: =?ISO-8859-2?Q?G=E9czi_Szabolcs?= <szabszi@goodwill.hu>
Organization: Goodwill Pharma Ltd.
User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: freebsd-questions@freebsd.org
References: <42BEFD06.8060309@goodwill.hu>
	<6crub11ukophin1lr8fno1kji8m2qniqnf@4ax.com>
In-Reply-To: <6crub11ukophin1lr8fno1kji8m2qniqnf@4ax.com>
Content-Type: text/plain; charset=iso-8859-2; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Score: -2.5 (--)
X-Spam-Report: Spam detection software, running on the system "ibm.goodwill.hu",
	has
	identified this incoming email as possible spam. The original message
	has been attached to this so you can view it (if it isn't spam) or
	label similar future email.  If you have any questions, see
	the administrator of that system for details.
	Content preview:  > On Sun, 26 Jun 2005 21:07:50 +0200, in
	sentex.lists.freebsd.questions > you wrote: > >>hi there, >> >>after
	updating my freebsd to 5.4-stable, i can't make my racoon work as
	>>before. > > Strange error. I would start by recompiling racoon. Are
	you using > the latest version from the ports as well ? > I am using >
	5.4-STABLE FreeBSD 5.4-STABLE #1: Thu Jun 2 > with 20050510a using
	FAST_IPSEC > 2005-06-27 08:34:13: INFO: main.c:172:main(): @(#)package
	version freebsd-20050510a 2005-06-27 08:34:13: INFO: main.c:174:main():
	@(#)internal version 20001216 sakane@kame.net 2005-06-27 08:34:13:
	INFO: main.c:175:main(): @(#)This product linked OpenSSL 0.9.7e 25 Oct
	2004 (http://www.openssl.org/) 2005-06-27 08:34:13: ERROR:
	pfkey.c:2394:pk_checkalg(): Must get supported algorithms list first.
	2005-06-27 08:34:13: ERROR: cftoken.l:494:yyerror():
	/usr/local/etc/racoon/racoon.conf:129: "; " algorithm 3DES not supported
	2005-06-27 08:34:13: ERROR: cfparse.y:1410:cfparse(): fatal parse
	failure (1 errors) - [...] 
	Content analysis details:   (-2.5 points, 5.0 required)
	pts rule name              description
	---- ----------------------
	--------------------------------------------------
	-2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1%
	[score: 0.0000]
	0.1 AWL AWL: From: address is in the auto white-list
Subject: Re: 5.4-stable vs racoon
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: szabszi@goodwill.hu
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Jun 2005 09:47:28 -0000

> On Sun, 26 Jun 2005 21:07:50 +0200, in sentex.lists.freebsd.questions
> you wrote:
>
>>hi there,
>>
>>after updating my freebsd to 5.4-stable, i can't make my racoon work as
>>before.
>
> Strange error.  I would start by recompiling racoon.  Are you using
> the latest version from the ports as well ?
> I am using
> 5.4-STABLE FreeBSD 5.4-STABLE #1: Thu Jun  2
> with 20050510a using FAST_IPSEC
>
2005-06-27 08:34:13: INFO: main.c:172:main(): @(#)package version
freebsd-20050510a
2005-06-27 08:34:13: INFO: main.c:174:main(): @(#)internal version
20001216 sakane@kame.net
2005-06-27 08:34:13: INFO: main.c:175:main(): @(#)This product linked
OpenSSL 0.9.7e 25 Oct 2004 (http://www.openssl.org/)
2005-06-27 08:34:13: ERROR: pfkey.c:2394:pk_checkalg(): Must get supported
algorithms list first.
2005-06-27 08:34:13: ERROR: cftoken.l:494:yyerror():
/usr/local/etc/racoon/racoon.conf:129: ";" algorithm 3DES not supported
2005-06-27 08:34:13: ERROR: cfparse.y:1410:cfparse(): fatal parse failure
(1 errors)
-

FreeBSD 5.4-STABLE #2: Sun Jun 26 17:53:14 CEST 2005

options         IPSEC
options         IPSEC_DEBUG

>>
>>i get this error message:
>>
>>2005-06-26 21:01:24: ERROR: pfkey.c:2394:pk_checkalg(): Must get
>>supported algorithms list first.
>>2005-06-26 21:01:24: ERROR: cftoken.l:494:yyerror():
>>/usr/local/etc/racoon/racoon.conf:156: ";" algorithm 3DES not supported
>
> If you did upgrade racoon, is it something goofy like it insisting
> 3DES be written as 3des now ?

         proposal {
                 encryption_algorithm 3des;
                 hash_algorithm sha1;
                 authentication_method pre_shared_key ;
                 dh_group 2 ;
         }

it sends error message wheter i write it 3des or 3DES.