Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 9 Dec 2003 23:52:31 +0100
From:      Marco Wertejuk <wertejuk@mwcis.com>
To:        current@freebsd.org
Subject:   Is racoon known to be broken?
Message-ID:  <20031209225231.GA2133@maeko.hayai.de>

next in thread | raw e-mail | index | archive | help
Hello,

today I tried to use racoon for isakmp, compiled it from my
(todays) ports tree (portversion: 20030826a).
The port compiled without problems but when I try to run
racoon without modifying the default config it tells me,
it could not parse the configuration file but truss shows
this strange error (output from truss)

lstat("/usr/local/etc/racoon/racoon.conf",0xbfbfd2b0) = 0 (0x0)
open("/usr/local/etc/racoon/racoon.conf",0x0,0666) = 5 (0x5)
break(0x80ae000)                                 = 0 (0x0)
ioctl(5,TIOCGETA,0xbfbfeb20)                     ERR#25 'Inappropriate ioctl for device'
break(0x80af000)                                 = 0 (0x0)
fstat(5,0xbfbfe650)                              = 0 (0x0)
break(0x80b3000)                                 = 0 (0x0)
read(0x5,0x80af000,0x4000)                       = 3080 (0xc08)
read(0x5,0x80af000,0x4000)                       = 0 (0x0)
gettimeofday(0xbfbfd848,0x0)                     = 0 (0x0)
...

I could not get racoon running even after modifying the
config file and the same configs are running in 4-Stable.

When running racoon with -F -d it tells about 3DES
being unsupported, I rebuilt world and my kernel
to make sure it's not an out of sync problem but
it persists:

INFO: main.c:172:main(): @(#)package version freebsd-20030826a
INFO: main.c:174:main(): @(#)internal version 20001216 sakane@kame.net
INFO: main.c:175:main(): @(#)This product linked OpenSSL 0.9.7c 30 Sep 2003 (http://www.openssl.org/)
DEBUG: pfkey.c:371:pfkey_init(): call pfkey_send_register for AH
DEBUG: pfkey.c:371:pfkey_init(): call pfkey_send_register for ESP
DEBUG: pfkey.c:371:pfkey_init(): call pfkey_send_register for IPCOMP
DEBUG: cftoken.l:578:yycf_set_buffer(): reading config file /usr/local/etc/racoon/racoon.conf
WARNING: cftoken.l:514:yywarn(): /usr/local/etc/racoon/racoon.conf:66: "support_mip6" it is obsoleted.  use "support_proxy".
DEBUG: algorithm.c:614:alg_oakley_dhdef(): hmac(modp1024)
DEBUG: algorithm.c:614:alg_oakley_dhdef(): hmac(modp1024)
ERROR: pfkey.c:2325:pk_checkalg(): Must get supported algorithms list first.
ERROR: cftoken.l:494:yyerror(): /usr/local/etc/racoon/racoon.conf:103: ";" algorithm 3DES not supported
ERROR: cfparse.y:1397:cfparse(): fatal parse failure (1 errors)

Anyone seen this problem before?

-- 
Mit freundlichen Gruessen,
Marco Wertejuk - mwcis.com
Consulting & Internet Solutions



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031209225231.GA2133>