[Openswan Users] Re: [OpenSC-devel] freeswan with opensc

Andreas Steffen andreas.steffen at strongsec.net
Wed Mar 31 20:00:37 CEST 2004 

I have a working environment with freeswan-2.04 and x509-1.5.3 running
on a Linux 2.6.3 kernel. I'm using an Aladdin eToken Pro32k with
opensc-0.8.1 and openct-0.5.0. Two of my students are currently
implementing a PKCS#11 interface for strongSwan using a Schlumberger
Cryptoflex 8k with a serial Reflex Reader and don't report any problems
either. Nothing special must be configured in OpenSC in order to work
with Pluto. Can you browse the file structure of your smartcard/token
using opensc-explorer?

Kind regards

Andreas

David Mattes wrote:
> Hi,
> 
> I'm getting errors using freeswan-2.04 with Andreas Steffen's X.509 
> patch (version 1.4.8) and opensc-20040119 (0.8.1 snapshot).  I've had 
> this combination working before with earlier versions.  Has anybody 
> noticed anything breaking lately?  I'm asking before I try to start 
> debugging it.  From the error messages it looks like 
> sc_establish_context is not returning any readers.  Could not declaring 
> ctx = NULL before the call be the problem?
> 
> snippet from freeswan-2.04/programs/pluto/smartcard.c
> ===================================================
> bool
> scx_establish_context(u_int card_reader)
> {
> #ifdef SMARTCARD
>    int r;
> 
>    /* establish a context */
>    r = sc_establish_context(&ctx, "pluto");
>    if (r)
>    {
>    plog("failed to establish context: %s", sc_strerror(r));
>    return FALSE;
>    }
> 
>    /* test if reader card_reader is available */
>    if (card_reader >= (unsigned int) ctx->reader_count)
>    {
>    plog("illegal reader number - only %d reader(s) configured."
>        , ctx->reader_count);
>    return FALSE;
>    }
> =====================================================
> 
> pluto errors
> =====================================================
> Mar 31 07:52:38 gandalf pluto[3816]:   Warning: empty directory
> Mar 31 07:52:39 gandalf pluto[3816]: illegal reader number - only 0 
> reader(s) configured.
> Mar 31 07:52:39 gandalf pluto[3816]: added connection description 
> "smartcard"
> Mar 31 07:52:39 gandalf pluto[3816]: listening for IKE messages
> Mar 31 07:52:39 gandalf pluto[3816]: adding interface ipsec0/eth2 
> 130.42.32.235
> Mar 31 07:52:39 gandalf pluto[3816]: loading secrets from 
> "/etc/ipsec.secrets"
> Mar 31 07:52:39 gandalf pluto[3816]: illegal reader number - only 0 
> reader(s) configured.
> Mar 31 07:52:39 gandalf pluto[3816]: unable to establish context with 
> reader: Unknown error
> Mar 31 07:52:39 gandalf pluto[3816]:   invalid PIN for reader: 0, id: 45
> ======================================================
> _______________________________________________
> OpenSC-devel mailing list
> OpenSC-devel at opensc.org
> http://www.opensc.org/cgi-bin/mailman/listinfo/opensc-devel


-- 
=======================================================================
Andreas Steffen                   e-mail: andreas.steffen at strongsec.com
strongSec GmbH                    home:   http://www.strongsec.com
Alter Zürichweg 20                phone:  +41 1 730 80 64
CH-8952 Schlieren (Switzerland)   fax:    +41 1 730 80 65
==========================================[strong internet security]===

More information about the Users mailing list