(usagi-users 02416) Re: IPsec 2.5.70-bk9 and FreeS/WAN 1.99 with algopatches 0.8.1rc2

["Dr. Peter Bieringer" <pb@xxxxxxxxxxxx>]

Ohoh, sorry for confusions, my racoon here was a little bit buggy...

...be warned, not using RHL's ipsec-tools from rawhide...looks like the 
racoon isn't compiled in a proper environment :-( it doesn't support DES 
and causes trouble on 3DES *grmml*).

The reported 3DES problem was solved now by using a fresh compiled one.

But the AES one still occurs.

> FreeS/WAN:
> 112 "freeswan-racoon-tunnel" #14: STATE_QUICK_I1: initiate
> 003 "freeswan-racoon-tunnel" #14: ESP transform ESP_AES passed key_len=32
> > 16 032 "freeswan-racoon-tunnel" #14: STATE_QUICK_I1: internal error

Or on 192 bits:

112 "freeswan-racoon-tunnel" #15: STATE_QUICK_I1: initiate
003 "freeswan-racoon-tunnel" #15: ESP transform ESP_AES passed key_len=24 > 
16
032 "freeswan-racoon-tunnel" #15: STATE_QUICK_I1: internal error

Strange, looks like racoon reports always AES key length 16*8, but in 
raccoon.conf was "aes 192" or "aes 256" specified.


	Peter, partially happy now
--
Dr. Peter Bieringer                     http://www.bieringer.de/pb/
GPG/PGP Key 0x958F422D               mailto: pb at bieringer dot de
Deep Space 6 Co-Founder and Core Member  http://www.deepspace6.net/