[Openswan Users] Using 1DES :(
rajkumars at asianetindia.com
Fri Sep 2 18:31:07 CEST 2005
Paul Wouters wrote:
> On Fri, 2 Sep 2005, Rajkumar S wrote:
>>> Please grab the 2.4.0rc4.src.rpm that is on the FC3 directory on
>>> and build and install binaries from there using rpmbuild -bb
>>> There are known crashers in openswan-2.3.x.
>> I am on Debian, is it okay if I just grab the source and compile ?
> Of course.
I had complied openswan-2.4.0rc4 with just USE_WEAKSTUFF?=true using gcc-3.3 for kernel
2.4.21. When I tried to start ipsec with the command "ipsec auto --up sample" I got the
003 "sample": requested kernel enc ealg_id=2 not present
034 "sample": can not initiate: no acceptable kernel algorithms loaded
My ipsec.conf (in bief) has
So to test if I need USE_EXTRACRYPTO?=true also enabled, I compiled openswan-2.4.0rc4
with USE_WEAKSTUFF?=true and USE_EXTRACRYPTO?=true Since gcc-3.3 was giving me errors I
used gcc-2.95 to compile the kernel and openswan.
I started the ipsec using /etc/init.d/ipsec start and it started fine, but as I gave the
command ipsec auto --status | grep alg.*ESP to list the algos available, pluto segfaulted.
Sep 2 17:02:35 localhost ipsec_setup: KLIPS debug `none'
Sep 2 17:02:35 localhost ipsec_setup: KLIPS ipsec0 on eth0 184.108.40.206/255.255.255.248
Sep 2 17:02:35 localhost ipsec_setup: ...Openswan IPsec started
Sep 2 17:02:35 localhost ipsec_setup: Starting Openswan IPsec 2.4.0rc4...
Sep 2 17:02:46 localhost ipsec__plutorun: /usr/local/lib/ipsec/_plutorun: line
1: 4784 Segmentation fault /usr/local/libexec/ipsec/pluto --nofork --secretsfile
/etc/ipsec.secrets --ipsecdir /etc/ipsec.d --debug-all --use-auto --uniqueids
Sep 2 17:02:46 localhost ipsec__plutorun: !pluto failure!: exited with error status 139
Sep 2 17:02:46 localhost ipsec__plutorun: restarting IPsec after pause...
So here I guess there is a bug.
Now, How can I make sure that the compiled code has 1DES enabled? It seems to me that till
now I have never actually enabled 1DES in all the compilations.
More information about the Users