Date: Fri, 27 May 2011 07:49:59 -0400 From: Jason Hellenthal <jhell@DataIX.net> To: ramaswamy <ramaswamy.bm@globaledgesoft.com> Cc: freebsd-user-groups@freebsd.org Subject: Re: Kernel(2.6.23.1-42.fc8) is not identifying the SADB_ACQUIRE(PF_KEY) message to indicate key management failure Message-ID: <20110527114958.GA30970@DataIX.net> In-Reply-To: <00b101cc1c5d$cc86bbe0$659433a0$@bm@globaledgesoft.com> References: <00b101cc1c5d$cc86bbe0$659433a0$@bm@globaledgesoft.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --]
ramaswamy,
Sadly this is not a FreeBSD issue while this is a FreeBSD User Group.
Please check up with your linux user mailling list.
On Fri, May 27, 2011 at 04:34:07PM +0530, ramaswamy wrote:
> Hi all,
>
>
>
> I'm receiving the SADB_ACQUIRE message from the kernel to establish the
> required SA, as i have registered my pfkey socket with the kernel.
>
> The Key management in my application is failing to get the require key
> information from the server, so I'm sending the same SADB_ACQUIRE message to
> the kernel with same sequence number which have received in the SADB_ACQUIRE
> message with errno set to ENOENT to indicate the Key management has failed.
>
>
>
> Here i'm constructing only the base header (struct sadb_msg) as described in
> the RFC 2367. As per the RFC 2367 it has to return me the SADB_ACQUIRE
> message with the same errno set.
>
>
>
> The problem here I'm facing is, the kernel is dropping the message which i
> have sent to the kernel to indicate the Key management has failed. The
> Kernel is sending the same (last SADB_ACQUIRE for which key management is
> failed) SADB_ACQUIRE message with errno set to ZERO. The OS i'm using is
> Fedora core 8 (2.6.23.1-42.fc8).
>
>
>
> Is this handled in the above mentioned Linux Kernel version ?
>
>
>
> can any please let me know what is wrong i'm doing here. It will be very
> helpful for me.
>
>
>
> This is code snippet which i'm sending to kernel.
>
>
>
> /*
>
> * send error against acquire message to kenrel.
>
> */
>
> int
>
> send_acquire_msg_fail(struct acquire *acquire)
>
> {
>
> struct sadb_msg *newmsg;
>
> int len;
>
>
>
> len = sizeof(struct sadb_msg);
>
> newmsg = calloc(1, len);
>
> if (newmsg == NULL) {
>
> ERROR_RETURN("failed to get buffer to send acquire.\n");
>
> return -1;
>
> }
>
>
>
> memset(newmsg, 0, len);
>
> newmsg->sadb_msg_version = PF_KEY_V2;
>
> newmsg->sadb_msg_type = SADB_ACQUIRE;
>
> newmsg->sadb_msg_errno = ENOENT;
>
> newmsg->sadb_msg_satype = SADB_SATYPE_ESP;
>
> newmsg->sadb_msg_len = (len/8);
>
> newmsg->sadb_msg_reserved = 0;
>
> newmsg->sadb_msg_seq = acquire->seq;
>
> newmsg->sadb_msg_pid = (u_int32_t)getpid();
>
>
>
> /* send message */
>
> if (len != write(pfkey_socket, (void*)msg, len)) {
>
> ERROR_RETURN (("SORRY, failed to write the SADB_ACQUIRE message to
> the kernel\n"));
>
> }
>
> free(newmsg);
>
> return 0;
>
> }
>
>
>
> --
>
> Regards,
>
> Ram
>
>
>
> _______________________________________________
> freebsd-user-groups@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-user-groups
> To unsubscribe, send any mail to "freebsd-user-groups-unsubscribe@freebsd.org"
--
"Unity can only be manifested by the Binary. Unity itself and the idea of Unity are already two." -- Buddha
Regards, (jhell)
Jason Hellenthal
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (FreeBSD)
Comment: http://bit.ly/0x89D8547E
iQEcBAEBAgAGBQJN34/mAAoJEJBXh4mJ2FR+M7QH/0ysdnWMlLaCSsfrbZFbMnHx
RDlTHGYxGWSDsh9d0CPfkg1RYj0507Qyp/6wnBlfabAOzwVkb+9CaYgdoBJ4GzXZ
DR6QFV4/TzEPLgQt8YNCEHQQAK6efsFeu6S6GFNXE0R6zFSxw5mw7yHy8AogO0Hz
HcYROWnew8j9lYhs1+TtW8O/zcYNgF+lLRhkL8svKXw4/sR1XrvfvzOM6SL/UZiY
GlwqqMv8WHq8rlURkBScX6D5bsC0d9QLQove6L2E9T1MON97GKp+KvSJK7oxkTCe
Sh8tRaxFC/OeKU40ZuIvB423GfW6mSV/hK0c8o0kpnt4bR80Y1uU/BHzgnhrQkk=
=ARjG
-----END PGP SIGNATURE-----
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110527114958.GA30970>