Menu
▾
▴
ipsec-tools-commits — CVS Commit Log Messages
This list is closed, nobody may subscribe to it.
| 2004 |
Jan
(59) |
Feb
(43) |
Mar
(72) |
Apr
(93) |
May
(57) |
Jun
(84) |
Jul
(13) |
Aug
(13) |
Sep
(73) |
Oct
(71) |
Nov
(151) |
Dec
(53) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2005 |
Jan
(64) |
Feb
(94) |
Mar
(58) |
Apr
(157) |
May
(178) |
Jun
(81) |
Jul
(135) |
Aug
(35) |
Sep
(33) |
Oct
(49) |
Nov
(34) |
Dec
(33) |
| 2006 |
Jan
(19) |
Feb
(39) |
Mar
(7) |
Apr
(56) |
May
(69) |
Jun
(38) |
Jul
(24) |
Aug
(15) |
Sep
(12) |
Oct
(6) |
Nov
(1) |
Dec
|
| 2007 |
Jan
(7) |
Feb
(8) |
Mar
(2) |
Apr
(6) |
May
(2) |
Jun
(2) |
Jul
(1) |
Aug
(2) |
Sep
(1) |
Oct
(1) |
Nov
(4) |
Dec
|
| 2008 |
Jan
|
Feb
(4) |
Mar
(5) |
Apr
|
May
(1) |
Jun
|
Jul
|
Aug
(2) |
Sep
(2) |
Oct
(2) |
Nov
(8) |
Dec
|
| 2009 |
Jan
(109) |
Feb
|
Mar
|
Apr
(5) |
May
(2) |
Jun
|
Jul
|
Aug
|
Sep
(2) |
Oct
|
Nov
(1) |
Dec
(2) |
| 2010 |
Jan
|
Feb
(4) |
Mar
(2) |
Apr
(4) |
May
|
Jun
|
Jul
(1) |
Aug
|
Sep
|
Oct
(4) |
Nov
(1) |
Dec
(3) |
| 2011 |
Jan
|
Feb
|
Mar
(1) |
Apr
|
May
(1) |
Jun
(5) |
Jul
|
Aug
|
Sep
(1) |
Oct
|
Nov
|
Dec
|
| 2012 |
Jan
(1) |
Feb
(1) |
Mar
(1) |
Apr
(1) |
May
(4) |
Jun
|
Jul
(3) |
Aug
(2) |
Sep
|
Oct
|
Nov
(3) |
Dec
|
| 2013 |
Jan
(3) |
Feb
(6) |
Mar
|
Apr
(4) |
May
(2) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| S | M | T | W | T | F | S |
|---|---|---|---|---|---|---|
|
1
|
2
(6) |
3
(4) |
4
(20) |
5
(7) |
6
(6) |
7
(14) |
|
8
(6) |
9
(2) |
10
(18) |
11
(1) |
12
(20) |
13
(15) |
14
(10) |
|
15
|
16
|
17
(3) |
18
(4) |
19
(2) |
20
(18) |
21
|
|
22
|
23
(4) |
24
(2) |
25
(3) |
26
|
27
|
28
|
|
29
|
30
(5) |
31
(8) |
|
|
|
|
|
From: SourceForge.net <no...@so...> - 2005-05-31 18:21:24
|
Bugs item #956705, was opened at 2004-05-19 16:23 Message generated for change (Comment added) made by monas You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=541482&aid=956705&group_id=74601 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None >Status: Closed Resolution: None Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Nobody/Anonymous (nobody) Summary: racoonctl is not installed Initial Comment: The default Makefile install target does not include racconctl installation ---------------------------------------------------------------------- >Comment By: Aidas Kasparas (monas) Date: 2005-05-31 21:21 Message: Logged In: YES user_id=39627 Fixed since 2004-09-21 ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=541482&aid=956705&group_id=74601 |
|
From: SourceForge.net <no...@so...> - 2005-05-31 16:09:14
|
Bugs item #1199700, was opened at 2005-05-11 12:32 Message generated for change (Comment added) made by monas You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=541482&aid=1199700&group_id=74601 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Configuration Group: 0.5 branch >Status: Closed Resolution: None Priority: 5 Submitted By: Nobody/Anonymous (nobody) >Assigned to: Aidas Kasparas (monas) Summary: problem definins sainfo with from asn1dn ... Initial Comment: defining a sainfo like: sainfo address X.X.X.X any address Y.Y.Y.Y any from asn1dn "C=.... the phase 2 fails with 'failed to get sainfo'. Debugging I noted that the function gesainfo faild because the first byte of sainfo id (s->id_i->v) contains the vaule FF and not (09) as the peer. Reading the code I understud that this byte is filled using the function idtype2doi that is based on the array rm_idtype2doi. This array does not contain a mapping for IDTYPE_ASN1DN. At the moment I added the line *((char *)(peer->v)) = *((char *)(s->id_i->v)); into file sainfo.c at the function gesainfo just before the line if (memcmp(peer->v, s->id_i->v, s->id_i->l) != 0) Could sameone give me a best patch? by Antonio Soreca ant...@ya... ---------------------------------------------------------------------- >Comment By: Aidas Kasparas (monas) Date: 2005-05-31 19:09 Message: Logged In: YES user_id=39627 Fixed in CVS (all three versions) ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=541482&aid=1199700&group_id=74601 |
|
From: Aidas K. <mo...@us...> - 2005-05-31 16:08:05
|
Update of /cvsroot/ipsec-tools/ipsec-tools/src/racoon In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7052/src/racoon Modified Files: ipsec_doi.c Log Message: Inserted missing 0th element. Bug #1199700 fix. Index: ipsec_doi.c =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/ipsec_doi.c,v retrieving revision 1.37 retrieving revision 1.38 diff -u -d -r1.37 -r1.38 --- ipsec_doi.c 20 May 2005 01:14:28 -0000 1.37 +++ ipsec_doi.c 31 May 2005 16:07:55 -0000 1.38 @@ -4214,12 +4214,13 @@ #endif static int rm_idtype2doi[] = { - IPSECDOI_ID_FQDN, - IPSECDOI_ID_USER_FQDN, - IPSECDOI_ID_KEY_ID, - 255, /* it's type of "address" + 255, /* IDTYPE_UNDEFINED, 0 */ + IPSECDOI_ID_FQDN, /* IDTYPE_FQDN, 1 */ + IPSECDOI_ID_USER_FQDN, /* IDTYPE_USERFQDN, 2 */ + IPSECDOI_ID_KEY_ID, /* IDTYPE_KEYID, 3 */ + 255, /* IDTYPE_ADDRESS, 4 * it expands into 4 types by another function. */ - IPSECDOI_ID_DER_ASN1_DN, + IPSECDOI_ID_DER_ASN1_DN, /* IDTYPE_ASN1DN, 5 */ }; /* |
|
From: Aidas K. <mo...@us...> - 2005-05-31 16:08:04
|
Update of /cvsroot/ipsec-tools/ipsec-tools In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7052 Modified Files: ChangeLog Log Message: Inserted missing 0th element. Bug #1199700 fix. Index: ChangeLog =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/ChangeLog,v retrieving revision 1.384 retrieving revision 1.385 diff -u -d -r1.384 -r1.385 --- ChangeLog 30 May 2005 20:11:33 -0000 1.384 +++ ChangeLog 31 May 2005 16:07:54 -0000 1.385 @@ -1,3 +1,8 @@ +2005-05-31 Aidas Kasparas <a.k...@gm...> + + * src/racoon/ipsec_doi.c: Inserted missing 0th element of + rm_idtype2doi array. Bug #1199700 fix. + 2005-05-30 Frederic Senault <fr...@la...> * src/racoon/oakley.h: Fix a typo in the RMAUTHMETHOD macro |
|
From: Aidas K. <mo...@us...> - 2005-05-31 06:06:05
|
Update of /cvsroot/ipsec-tools/ipsec-tools In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv16412 Modified Files: Tag: ipsec-tools-0_6-branch ChangeLog Log Message: Inserted missing 0th element. Bug #1199700 fix. Index: ChangeLog =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/ChangeLog,v retrieving revision 1.285.2.62 retrieving revision 1.285.2.63 diff -u -d -r1.285.2.62 -r1.285.2.63 --- ChangeLog 23 May 2005 21:06:47 -0000 1.285.2.62 +++ ChangeLog 31 May 2005 06:05:52 -0000 1.285.2.63 @@ -1,3 +1,8 @@ +2005-05-31 Aidas Kasparas <a.k...@gm...> + + * src/racoon/ipsec_doi.c: Inserted missing 0th element of + rm_idtype2doi array. Bug #1199700 fix. + 2005-05-23 Emmanuel Dreyfus <ma...@ne...> * src/racoon/admin.c: build fix |
|
From: Aidas K. <mo...@us...> - 2005-05-31 06:06:03
|
Update of /cvsroot/ipsec-tools/ipsec-tools/src/racoon In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv16412/src/racoon Modified Files: Tag: ipsec-tools-0_6-branch ipsec_doi.c Log Message: Inserted missing 0th element. Bug #1199700 fix. Index: ipsec_doi.c =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/ipsec_doi.c,v retrieving revision 1.26.2.7 retrieving revision 1.26.2.8 diff -u -d -r1.26.2.7 -r1.26.2.8 --- ipsec_doi.c 20 May 2005 01:16:00 -0000 1.26.2.7 +++ ipsec_doi.c 31 May 2005 06:05:53 -0000 1.26.2.8 @@ -4165,14 +4165,15 @@ #endif static int rm_idtype2doi[] = { - IPSECDOI_ID_FQDN, - IPSECDOI_ID_USER_FQDN, - IPSECDOI_ID_KEY_ID, - 255, /* it's type of "address" + 255, /* IDTYPE_UNDEFINED, 0 */ + IPSECDOI_ID_FQDN, /* IDTYPE_FQDN, 1 */ + IPSECDOI_ID_USER_FQDN, /* IDTYPE_USERFQDN, 2 */ + IPSECDOI_ID_KEY_ID, /* IDTYPE_KEYID, 3 */ + 255, /* IDTYPE_ADDRESS, 4 * it expands into 4 types by another function. */ - IPSECDOI_ID_DER_ASN1_DN, + IPSECDOI_ID_DER_ASN1_DN, /* IDTYPE_ASN1DN, 5 */ #ifdef ENABLE_HYBRID - 255, /* It's type LOGIN */ + 255, /* IDTYPE_LOGIN, 6 */ #endif }; |
|
From: Aidas K. <mo...@us...> - 2005-05-31 05:56:09
|
Update of /cvsroot/ipsec-tools/ipsec-tools/src/racoon In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv11042/src/racoon Modified Files: Tag: ipsec-tools-0_5-branch ipsec_doi.c Log Message: Inserted missing 0th element. Bug #1199700 fix. Index: ipsec_doi.c =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/ipsec_doi.c,v retrieving revision 1.24.2.5 retrieving revision 1.24.2.6 diff -u -d -r1.24.2.5 -r1.24.2.6 --- ipsec_doi.c 25 Apr 2005 22:06:32 -0000 1.24.2.5 +++ ipsec_doi.c 31 May 2005 05:56:00 -0000 1.24.2.6 @@ -4002,14 +4002,15 @@ #endif static int rm_idtype2doi[] = { - IPSECDOI_ID_FQDN, - IPSECDOI_ID_USER_FQDN, - IPSECDOI_ID_KEY_ID, - 255, /* it's type of "address" + 255, /* IDTYPE_UNDEFINED, 0 */ + IPSECDOI_ID_FQDN, /* IDTYPE_FQDN, 1 */ + IPSECDOI_ID_USER_FQDN, /* IDTYPE_USERFQDN, 2 */ + IPSECDOI_ID_KEY_ID, /* IDTYPE_KEYID, 3 */ + 255, /* IDTYPE_ADDRESS, 4 * it expands into 4 types by another function. */ - IPSECDOI_ID_DER_ASN1_DN, + IPSECDOI_ID_DER_ASN1_DN, /* IDTYPE_ASN1DN, 5 */ #ifdef ENABLE_HYBRID - 255, /* It's type LOGIN */ + 255, /* IDTYPE_LOGIN, 6 */ #endif }; |
|
From: Aidas K. <mo...@us...> - 2005-05-31 05:56:08
|
Update of /cvsroot/ipsec-tools/ipsec-tools In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv11042 Modified Files: Tag: ipsec-tools-0_5-branch ChangeLog Log Message: Inserted missing 0th element. Bug #1199700 fix. Index: ChangeLog =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/ChangeLog,v retrieving revision 1.262.2.43 retrieving revision 1.262.2.44 diff -u -d -r1.262.2.43 -r1.262.2.44 --- ChangeLog 24 May 2005 07:44:16 -0000 1.262.2.43 +++ ChangeLog 31 May 2005 05:55:50 -0000 1.262.2.44 @@ -1,3 +1,8 @@ +2005-05-31 Aidas Kasparas <a.k...@gm...> + + * src/racoon/ipsec_doi.c: Inserted missing 0th element of + rm_idtype2doi array. Bug #1199700 fix. + 2005-05-24 Yvan Vanhullebus <va...@fr...> * src/racoon/remoteconf.c: Fixed rmconf->script init (coud cause a |
|
From: Frédéric S. <fr...@us...> - 2005-05-30 20:12:53
|
Update of /cvsroot/ipsec-tools/ipsec-tools/src/racoon In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv5415/src/racoon Modified Files: oakley.h Log Message: Fix a typo in the RMAUTHMETHOD macro definition. Index: oakley.h =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/oakley.h,v retrieving revision 1.12 retrieving revision 1.13 diff -u -d -r1.12 -r1.13 --- oakley.h 6 Apr 2005 23:07:54 -0000 1.12 +++ oakley.h 30 May 2005 20:12:43 -0000 1.13 @@ -234,7 +234,7 @@ (iph1)->rmconf->proposal->authmethod) #else #define AUTHMETHOD(iph1) (iph1)->approval->authmethod -#define RMAUTHMETHOD(iph1) (iph1)->rmconf->proposal->authmethod) +#define RMAUTHMETHOD(iph1) (iph1)->rmconf->proposal->authmethod #endif /* ENABLE_HYBRID */ #endif /* _OAKLEY_H */ |
|
From: Frédéric S. <fr...@us...> - 2005-05-30 20:12:25
|
Update of /cvsroot/ipsec-tools/ipsec-tools/src/racoon In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv5141/src/racoon Modified Files: isakmp_cfg.c Log Message: Fix the switch so that the phase1 script is executed at the end of the mode cfg exchange ; add a debug message at the script startup. Index: isakmp_cfg.c =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/isakmp_cfg.c,v retrieving revision 1.36 retrieving revision 1.37 diff -u -d -r1.36 -r1.37 --- isakmp_cfg.c 9 May 2005 09:25:25 -0000 1.36 +++ isakmp_cfg.c 30 May 2005 20:12:16 -0000 1.37 @@ -442,10 +442,11 @@ * It is done at the end of phase 1 if ISAKMP mode config is not * requested. */ + if ((iph1->status == PHASE1ST_ESTABLISHED) && iph1->rmconf->mode_cfg) { switch (AUTHMETHOD(iph1)) { - case OAKLEY_ATTR_AUTH_METHOD_XAUTH_PSKEY_I: + case FICTIVE_AUTH_METHOD_XAUTH_PSKEY_I: case OAKLEY_ATTR_AUTH_METHOD_HYBRID_RSA_I: /* Unimplemented */ case OAKLEY_ATTR_AUTH_METHOD_HYBRID_DSS_I: @@ -1733,6 +1734,8 @@ int i, p; int test; + plog(LLV_DEBUG, LOCATION, NULL, "Starting a script.\n"); + /* * Internal IPv4 address, either if * we are a client or a server. |
|
From: Frédéric S. <fr...@us...> - 2005-05-30 20:11:52
|
Update of /cvsroot/ipsec-tools/ipsec-tools In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4734 Modified Files: ChangeLog Log Message: Fix a typo in the RMAUTHMETHOD macro definition. Fix the switch so that the phase1 script is executed at the end of the mode cfg exchange ; add a debug message at the script startup. Index: ChangeLog =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/ChangeLog,v retrieving revision 1.383 retrieving revision 1.384 diff -u -d -r1.383 -r1.384 --- ChangeLog 23 May 2005 21:05:13 -0000 1.383 +++ ChangeLog 30 May 2005 20:11:33 -0000 1.384 @@ -1,3 +1,12 @@ +2005-05-30 Frederic Senault <fr...@la...> + + * src/racoon/oakley.h: Fix a typo in the RMAUTHMETHOD macro + definition. + + * src/racoon/isakmp_cfg.c: Fix the switch so that the phase1 script + is executed at the end of the mode cfg exchange ; add a debug + message at the script startup. + 2005-05-23 Emmanuel Dreyfus <ma...@ne...> * src/racoon/admin.c: build fix |
|
From: SourceForge.net <no...@so...> - 2005-05-30 11:10:40
|
Bugs item #1211253, was opened at 2005-05-30 13:38 Message generated for change (Comment added) made by monas You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=541482&aid=1211253&group_id=74601 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None >Status: Pending Resolution: None Priority: 5 Submitted By: Robert Hua (kernelnewman) Assigned to: Nobody/Anonymous (nobody) Summary: why my racoon don't negotiate? Initial Comment: i user the 2.6.9 kernel and ipsec 0.4.b1 version when two gateway in route mode(tunnel) ,erverting is ok net1 ------gw1(route)------------gw2(transport)------net2 when change one gateway to transport mode , the racoon on this gateway dont't negotiate, i can see the spd user setkey -DP when net2 host ping net1. the racoon don't send negotiation packet ? why this happen ? ---------------------------------------------------------------------- >Comment By: Aidas Kasparas (monas) Date: 2005-05-30 14:10 Message: Logged In: YES user_id=39627 Transport mode can be used only end-to-end connections. I.e. host in net2 has to negotiate SAs with from net1 *directly*. Therefore, it should not negotiate by design! If you think I did not get your problem, please explain in more detail. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=541482&aid=1211253&group_id=74601 |
|
From: SourceForge.net <no...@so...> - 2005-05-30 10:38:26
|
Bugs item #1211253, was opened at 2005-05-30 10:38 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=541482&aid=1211253&group_id=74601 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 5 Submitted By: Robert Hua (kernelnewman) Assigned to: Nobody/Anonymous (nobody) Summary: why my racoon don't negotiate? Initial Comment: i user the 2.6.9 kernel and ipsec 0.4.b1 version when two gateway in route mode(tunnel) ,erverting is ok net1 ------gw1(route)------------gw2(transport)------net2 when change one gateway to transport mode , the racoon on this gateway dont't negotiate, i can see the spd user setkey -DP when net2 host ping net1. the racoon don't send negotiation packet ? why this happen ? ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=541482&aid=1211253&group_id=74601 |
|
From: SourceForge.net <no...@so...> - 2005-05-25 13:08:46
|
Bugs item #1208425, was opened at 2005-05-25 14:50 Message generated for change (Comment added) made by maikbachmann You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=541482&aid=1208425&group_id=74601 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Configuration Group: 0.5 branch Status: Open Resolution: None Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Nobody/Anonymous (nobody) Summary: ESP Authentication aalgo null problem Initial Comment: ENV: Debian sarge ipsec-tools 0.5.2-1 setkey error EINVAL "invalid argument" This is the SA, -A null returns the EINVAL add 2001:0:0:1:0:0:56:515b 2001:0:0:2:0:0:6a:3a83 esp 1000 -r 0 -m transport -E rijndael-cbc "0123456789012345" -A null; Here is output of setkey -cv darth-vader:/usr/local/etc# sh ipsec.conf | more sadb_msg{ version=2 type=3 errno=0 satype=3 len=19 reserved=0 seq=0 pid=5877 sadb_ext{ len=3 type=9 } sadb_key{ bits=128 reserved=0 key= 30313233 34353637 38393031 32333435 } sadb_ext{ len=2 type=1 } sadb_sa{ spi=1000 replay=0 state=0 auth=251 encrypt=12 flags=0x00000040 } sadb_ext{ len=2 type=19 } sadb_x_sa2{ mode=1 reqid=0 reserved1=0 reserved2=0 sequence=0 } sadb_ext{ len=5 type=5 } sadb_address{ proto=255 prefixlen=128 reserved=0x0000 } sockaddr{ len=28 family=10 port=0 flowinfo=0x00000000, scope_id=0x00000000 20010000 00000001 00000000 0056515b } sadb_ext{ len=5 type=6 } sadb_address{ proto=255 prefixlen=128 reserved=0x0000 } sockaddr{ len=28 family=10 port=0 flowinfo=0x00000000, scope_id=0x00000000 20010000 00000002 00000000 006a3a83 } sadb_msg{ version=2 type=3 errno=22 satype=3 len=2 reserved=0 seq=0 pid=5877 Invalid argument. Moving the ";" around, joining lines etc does not help. From the source files (lex/yacc) it should go into ALG_AUTH_NOKEY branch but this seems not to be working. Also auth 251 from sadb_sa seems strange to me - shouldn't this be 286 ? Thx for help ---Maik ---------------------------------------------------------------------- Comment By: Maik Bachmann (maikbachmann) Date: 2005-05-25 15:08 Message: Logged In: YES user_id=1285136 update: same SA works perfectly on FreeBSD 4.9 ---Maik ---------------------------------------------------------------------- Comment By: Nobody/Anonymous (nobody) Date: 2005-05-25 14:57 Message: Logged In: NO UPDATE: same SA works perfect for FreeBSD4.9 ---Maik ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=541482&aid=1208425&group_id=74601 |
|
From: SourceForge.net <no...@so...> - 2005-05-25 12:58:01
|
Bugs item #1208425, was opened at 2005-05-25 05:50 Message generated for change (Comment added) made by nobody You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=541482&aid=1208425&group_id=74601 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Configuration Group: 0.5 branch Status: Open Resolution: None Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Nobody/Anonymous (nobody) Summary: ESP Authentication aalgo null problem Initial Comment: ENV: Debian sarge ipsec-tools 0.5.2-1 setkey error EINVAL "invalid argument" This is the SA, -A null returns the EINVAL add 2001:0:0:1:0:0:56:515b 2001:0:0:2:0:0:6a:3a83 esp 1000 -r 0 -m transport -E rijndael-cbc "0123456789012345" -A null; Here is output of setkey -cv darth-vader:/usr/local/etc# sh ipsec.conf | more sadb_msg{ version=2 type=3 errno=0 satype=3 len=19 reserved=0 seq=0 pid=5877 sadb_ext{ len=3 type=9 } sadb_key{ bits=128 reserved=0 key= 30313233 34353637 38393031 32333435 } sadb_ext{ len=2 type=1 } sadb_sa{ spi=1000 replay=0 state=0 auth=251 encrypt=12 flags=0x00000040 } sadb_ext{ len=2 type=19 } sadb_x_sa2{ mode=1 reqid=0 reserved1=0 reserved2=0 sequence=0 } sadb_ext{ len=5 type=5 } sadb_address{ proto=255 prefixlen=128 reserved=0x0000 } sockaddr{ len=28 family=10 port=0 flowinfo=0x00000000, scope_id=0x00000000 20010000 00000001 00000000 0056515b } sadb_ext{ len=5 type=6 } sadb_address{ proto=255 prefixlen=128 reserved=0x0000 } sockaddr{ len=28 family=10 port=0 flowinfo=0x00000000, scope_id=0x00000000 20010000 00000002 00000000 006a3a83 } sadb_msg{ version=2 type=3 errno=22 satype=3 len=2 reserved=0 seq=0 pid=5877 Invalid argument. Moving the ";" around, joining lines etc does not help. From the source files (lex/yacc) it should go into ALG_AUTH_NOKEY branch but this seems not to be working. Also auth 251 from sadb_sa seems strange to me - shouldn't this be 286 ? Thx for help ---Maik ---------------------------------------------------------------------- Comment By: Nobody/Anonymous (nobody) Date: 2005-05-25 05:57 Message: Logged In: NO UPDATE: same SA works perfect for FreeBSD4.9 ---Maik ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=541482&aid=1208425&group_id=74601 |
|
From: SourceForge.net <no...@so...> - 2005-05-25 12:50:16
|
Bugs item #1208425, was opened at 2005-05-25 05:50 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=541482&aid=1208425&group_id=74601 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Configuration Group: 0.5 branch Status: Open Resolution: None Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Nobody/Anonymous (nobody) Summary: ESP Authentication aalgo null problem Initial Comment: ENV: Debian sarge ipsec-tools 0.5.2-1 setkey error EINVAL "invalid argument" This is the SA, -A null returns the EINVAL add 2001:0:0:1:0:0:56:515b 2001:0:0:2:0:0:6a:3a83 esp 1000 -r 0 -m transport -E rijndael-cbc "0123456789012345" -A null; Here is output of setkey -cv darth-vader:/usr/local/etc# sh ipsec.conf | more sadb_msg{ version=2 type=3 errno=0 satype=3 len=19 reserved=0 seq=0 pid=5877 sadb_ext{ len=3 type=9 } sadb_key{ bits=128 reserved=0 key= 30313233 34353637 38393031 32333435 } sadb_ext{ len=2 type=1 } sadb_sa{ spi=1000 replay=0 state=0 auth=251 encrypt=12 flags=0x00000040 } sadb_ext{ len=2 type=19 } sadb_x_sa2{ mode=1 reqid=0 reserved1=0 reserved2=0 sequence=0 } sadb_ext{ len=5 type=5 } sadb_address{ proto=255 prefixlen=128 reserved=0x0000 } sockaddr{ len=28 family=10 port=0 flowinfo=0x00000000, scope_id=0x00000000 20010000 00000001 00000000 0056515b } sadb_ext{ len=5 type=6 } sadb_address{ proto=255 prefixlen=128 reserved=0x0000 } sockaddr{ len=28 family=10 port=0 flowinfo=0x00000000, scope_id=0x00000000 20010000 00000002 00000000 006a3a83 } sadb_msg{ version=2 type=3 errno=22 satype=3 len=2 reserved=0 seq=0 pid=5877 Invalid argument. Moving the ";" around, joining lines etc does not help. From the source files (lex/yacc) it should go into ALG_AUTH_NOKEY branch but this seems not to be working. Also auth 251 from sadb_sa seems strange to me - shouldn't this be 286 ? Thx for help ---Maik ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=541482&aid=1208425&group_id=74601 |
|
From: VANHULLEBUS Y. <va...@us...> - 2005-05-24 07:44:26
|
Update of /cvsroot/ipsec-tools/ipsec-tools/src/racoon In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv8288/src/racoon Modified Files: Tag: ipsec-tools-0_5-branch remoteconf.c Log Message: Fixed rmconf->script init (coud cause a crash when shutting down) Index: remoteconf.c =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/remoteconf.c,v retrieving revision 1.24 retrieving revision 1.24.2.1 diff -u -d -r1.24 -r1.24.2.1 --- remoteconf.c 1 Dec 2004 10:59:41 -0000 1.24 +++ remoteconf.c 24 May 2005 07:44:16 -0000 1.24.2.1 @@ -196,7 +196,7 @@ new->send_cert = TRUE; new->send_cr = TRUE; new->support_proxy = FALSE; - bzero(&new->script[0], sizeof(char *) * (SCRIPT_MAX + 1)); + bzero(&new->script[0], sizeof(vchar_t *) * (SCRIPT_MAX + 1)); new->gen_policy = FALSE; new->retry_counter = lcconf->retry_counter; new->retry_interval = lcconf->retry_interval; |
|
From: VANHULLEBUS Y. <va...@us...> - 2005-05-24 07:44:25
|
Update of /cvsroot/ipsec-tools/ipsec-tools In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv8288 Modified Files: Tag: ipsec-tools-0_5-branch ChangeLog Log Message: Fixed rmconf->script init (coud cause a crash when shutting down) Index: ChangeLog =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/ChangeLog,v retrieving revision 1.262.2.42 retrieving revision 1.262.2.43 diff -u -d -r1.262.2.42 -r1.262.2.43 --- ChangeLog 14 May 2005 06:36:30 -0000 1.262.2.42 +++ ChangeLog 24 May 2005 07:44:16 -0000 1.262.2.43 @@ -1,3 +1,8 @@ +2005-05-24 Yvan Vanhullebus <va...@fr...> + + * src/racoon/remoteconf.c: Fixed rmconf->script init (coud cause a + crash when shutting down). + 2005-05-14 Aidas Kasparas <a.k...@gm...> * src/racoon/sockmisc.c: Debug message said it will send to |
|
From: Emmanuel D. <ma...@us...> - 2005-05-23 21:06:56
|
Update of /cvsroot/ipsec-tools/ipsec-tools In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv22322 Modified Files: Tag: ipsec-tools-0_6-branch ChangeLog Log Message: Build fix Index: ChangeLog =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/ChangeLog,v retrieving revision 1.285.2.61 retrieving revision 1.285.2.62 diff -u -d -r1.285.2.61 -r1.285.2.62 --- ChangeLog 20 May 2005 07:35:52 -0000 1.285.2.61 +++ ChangeLog 23 May 2005 21:06:47 -0000 1.285.2.62 @@ -1,3 +1,7 @@ +2005-05-23 Emmanuel Dreyfus <ma...@ne...> + + * src/racoon/admin.c: build fix + --------------------------------------------- 0.6b3 released |
|
From: Emmanuel D. <ma...@us...> - 2005-05-23 21:06:56
|
Update of /cvsroot/ipsec-tools/ipsec-tools/src/racoon In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv22322/src/racoon Modified Files: Tag: ipsec-tools-0_6-branch admin.c Log Message: Build fix Index: admin.c =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/admin.c,v retrieving revision 1.17.2.2 retrieving revision 1.17.2.3 diff -u -d -r1.17.2.2 -r1.17.2.3 --- admin.c 7 May 2005 17:26:05 -0000 1.17.2.2 +++ admin.c 23 May 2005 21:06:47 -0000 1.17.2.3 @@ -96,7 +96,7 @@ { int so2; struct sockaddr_storage from; - int fromlen = sizeof(from); + socklen_t fromlen = sizeof(from); struct admin_com com; char *combuf = NULL; pid_t pid = -1; |
|
From: Emmanuel D. <ma...@us...> - 2005-05-23 21:05:24
|
Update of /cvsroot/ipsec-tools/ipsec-tools/src/racoon In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv21950/src/racoon Modified Files: admin.c Log Message: Build fix Index: admin.c =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/src/racoon/admin.c,v retrieving revision 1.20 retrieving revision 1.21 diff -u -d -r1.20 -r1.21 --- admin.c 6 May 2005 22:52:16 -0000 1.20 +++ admin.c 23 May 2005 21:05:14 -0000 1.21 @@ -96,7 +96,7 @@ { int so2; struct sockaddr_storage from; - int fromlen = sizeof(from); + socklen_t fromlen = sizeof(from); struct admin_com com; char *combuf = NULL; pid_t pid = -1; |
|
From: Emmanuel D. <ma...@us...> - 2005-05-23 21:05:23
|
Update of /cvsroot/ipsec-tools/ipsec-tools In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv21950 Modified Files: ChangeLog Log Message: Build fix Index: ChangeLog =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/ChangeLog,v retrieving revision 1.382 retrieving revision 1.383 diff -u -d -r1.382 -r1.383 --- ChangeLog 20 May 2005 07:35:17 -0000 1.382 +++ ChangeLog 23 May 2005 21:05:13 -0000 1.383 @@ -1,3 +1,7 @@ +2005-05-23 Emmanuel Dreyfus <ma...@ne...> + + * src/racoon/admin.c: build fix + 2005-05-20 Emmanuel Dreyfus <ma...@ne...> From Mike Robinson <sun...@us...> |
|
From: Emmanuel D. <ma...@us...> - 2005-05-20 07:36:08
|
Update of /cvsroot/ipsec-tools/ipsec-tools In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30882 Modified Files: Tag: ipsec-tools-0_6-branch ChangeLog configure.ac Log Message: FIx typo, bump to 0.6b3 Index: configure.ac =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/configure.ac,v retrieving revision 1.47.2.12 retrieving revision 1.47.2.13 diff -u -d -r1.47.2.12 -r1.47.2.13 --- configure.ac 10 May 2005 10:25:59 -0000 1.47.2.12 +++ configure.ac 20 May 2005 07:35:52 -0000 1.47.2.13 @@ -2,7 +2,7 @@ dnl $Id$ AC_PREREQ(2.52) -AC_INIT(ipsec-tools, 0.6b2) +AC_INIT(ipsec-tools, 0.6b3) AC_CONFIG_SRCDIR([configure.ac]) AM_CONFIG_HEADER(config.h) Index: ChangeLog =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/ChangeLog,v retrieving revision 1.285.2.60 retrieving revision 1.285.2.61 diff -u -d -r1.285.2.60 -r1.285.2.61 --- ChangeLog 20 May 2005 07:31:09 -0000 1.285.2.60 +++ ChangeLog 20 May 2005 07:35:52 -0000 1.285.2.61 @@ -1,7 +1,11 @@ +--------------------------------------------- + + 0.6b3 released + 2005-05-20 Emmanuel Dreyfus <ma...@ne...> From Mike Robinson <sun...@us...> - * src/racoon/isakmp.c: really delete phase 1 on Xauth failure + * src/racoon/isakmp_xauth.c: really delete phase 1 on Xauth failure * src/libipsec/pfkey.c src/racoon/ipsec_doi.c: Fix NAT-T + IPcomp |
|
From: Emmanuel D. <ma...@us...> - 2005-05-20 07:35:27
|
Update of /cvsroot/ipsec-tools/ipsec-tools In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30822 Modified Files: ChangeLog Log Message: typo Index: ChangeLog =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/ChangeLog,v retrieving revision 1.381 retrieving revision 1.382 diff -u -d -r1.381 -r1.382 --- ChangeLog 20 May 2005 07:24:12 -0000 1.381 +++ ChangeLog 20 May 2005 07:35:17 -0000 1.382 @@ -1,7 +1,7 @@ 2005-05-20 Emmanuel Dreyfus <ma...@ne...> From Mike Robinson <sun...@us...> - * src/racoon/isakmp.c: really delete phase 1 on Xauth failure + * src/racoon/isakmp_xauth.c: really delete phase 1 on Xauth failure * src/libipsec/pfkey.c src/racoon/ipsec_doi.c: Fix NAT-T + IPcomp |
|
From: Emmanuel D. <ma...@us...> - 2005-05-20 07:31:20
|
Update of /cvsroot/ipsec-tools/ipsec-tools In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30064 Modified Files: Tag: ipsec-tools-0_6-branch ChangeLog Log Message: Really delete phase 1 on xauth failure Index: ChangeLog =================================================================== RCS file: /cvsroot/ipsec-tools/ipsec-tools/ChangeLog,v retrieving revision 1.285.2.59 retrieving revision 1.285.2.60 diff -u -d -r1.285.2.59 -r1.285.2.60 --- ChangeLog 20 May 2005 01:15:59 -0000 1.285.2.59 +++ ChangeLog 20 May 2005 07:31:09 -0000 1.285.2.60 @@ -1,5 +1,8 @@ 2005-05-20 Emmanuel Dreyfus <ma...@ne...> + From Mike Robinson <sun...@us...> + * src/racoon/isakmp.c: really delete phase 1 on Xauth failure + * src/libipsec/pfkey.c src/racoon/ipsec_doi.c: Fix NAT-T + IPcomp From hgates <hga...@gm...> |
