[Openswan Users] netkey to klips error: EXPECTATION FAILED
John A. Sullivan III
jsullivan at opensourcedevel.com
Mon Jun 16 11:00:20 EDT 2008
On Mon, 2008-06-09 at 23:19 -0400, Paul Wouters wrote:
>
> > pluto[2610]: "Manchester2RAS" #1737: EXPECTATION FAILED
> > at /src/openswan-2.5.17/programs/pluto/kernel.c:2581:
> > kernel_ops->eroute_idle != NULL
> >
> > As it says, we are running openswan 2.5.17 on RedHat Enterprise Linux 5.
>
> Please switch to 2.6.14. We are no longer going to maintain the 2.5.17
> line. 2.6.14 is also what is shipped with RHEL 5.2
>
> > I found very little information googling for this error other than a
> > recently closed bug report in openswan 2.6. What's causing it and how
> > do I fix it in openswan 2.5.17? Thanks - John
>
> kernel_netlink.c has a bunch of stubs for the kernel_ops functions in
> netkey, where before they used the same codepath as klips (sometimes with
> wrong assumtions such as klips doing group delete, but netkey not doing
> those).
>
> Paul
Thanks, Paul. That did the trick. However, we are now picking up a
number of disturbing errors such as:
Jun 16 09:54:00 niagras1 pluto[2825]: "Buffalo2RAS" #1802: next payload
type of ISAKMP Hash Payload has an unknown value: 252
Jun 16 09:54:00 niagras1 pluto[2825]: "Buffalo2RAS" #1802: malformed
payload in packet
Jun 16 09:54:00 niagras1 pluto[2825]: "Buffalo2RAS" #1802: too many
(909522487) malformed payloads. Deleting state
Jun 16 09:31:39 niagras1 pluto[2825]: "Buffalo2RAS" #1637:
alloc_bytes1() was mistakenly asked to malloc 0 bytes for st_skey_ar in
duplicate_state, please report to dev at openswan.org
We suspect this may be due to enabling compression between the 2.6 and
the 2.4 devices. We'll see what happens when our client disables
compression - John
--
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan at opensourcedevel.com
http://www.spiritualoutreach.com
Making Christianity intelligible to secular society
More information about the Users
mailing list