[Openswan Users] IKE and SHA2

Paul Wouters paul at xelerance.com
Thu Mar 25 10:10:26 CET 2004


On Thu, 25 Mar 2004, Tiago Freitas Leal wrote:

> On SuperFreeS/WAN 1.99.8 when using
> 
> ike=<enc>-sha2_256 or ike=<enc>-sha2_512
> 
> ipsec auto --status and ipsec whack --status fail to execute until the last connection. They end ("crash") with the first connection description that uses sha2.
> 
> MOST IMPORTANT - pluto restarts.

That is very bad.
 
> Is it fixed in OpenSwan?

I don't know. Can you try it with Openswan 1.0.2?

> Should I do report it to someone else or are the developers reading this mailing list?

We are here :)

If openswan still crashes, can you define dumpdir=/tmp in ipsec.conf and 
make it crash and then use gdb on the core file and see what it says. If you
are not familiar with gdb, drop by on the #openswan channel for help.
(irc.freenode.net)

Paul



More information about the Users mailing list