[Openswan Users] packet rejected: should have been encrypted
- issue 267?
Bram Bouwens
bbouwens at xs4all.nl
Wed Jul 6 12:17:17 CEST 2005
Paul Wouters wrote:
> On Mon, 4 Jul 2005, Bram Bouwens wrote:
>
>> For a more complete picture:
>>
>> - the openswan ipsec.conf at http://80.126.5.18/ipsec.conf
>> - the openswan log at http://80.126.5.18/secure.log (why does Pluto
>> restart????)
>
>
>> Starting Pluto (Openswan Version cvs2002Mar11_19:19:03
>
>
> Please try 2.3.1
>
...
Linux Openswan U2.3.1/K2.1.2rc3 (klips)
>> - the windows ipsec.conf at http://80.126.5.18/winipsec.conf
>> - the windows oakley log at http://80.126.5.18/oakley.log (GetPacket
>> failed? CertFindExtenstion failed?)
>
...
>
>> I really don't see what's happening. I have been running
>> freeswan/openswan
>> for 4 years (linux-linux) with hardly any trouble, but this is pretty
>> vague to me.
>
>
> I am not sure what is happening either. I suspect a bug in the CVS version
> of openswan that you are running.
With 2.3.1 the behaviour is very much the same. I updated the logfiles pointed
to above.
I DO observe:
Jul 5 10:06:02 port pluto[6328]: "roadwarrior"[2] 80.126.5.18 #4: ASSERTION FAILED at crypto.c:219: st->st_new_iv_len >= e->enc_blocksize
which I think relates to
http://bugs.xelerance.com/view.php?id=267
Maybe this explains also why pluto is restarted. If I can contribute to a solution
let me know.
Bram
More information about the Users
mailing list