[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

2.8 breaks isakmpd

I am using OpenBSD and previously, I was able to use isakmpd
successfully with PGPnet.  However, I recently upgraded to 2.8,
specifically (uname -a output):
OpenBSD Tesla.i-pi.com 2.8 TESLA#2 i386

When I try to connect, the negotiation proceeds correctly, and the Mac
running PGPnet reports an SA has been created.  However, the OpenBSD
machine had no knowledge of this SA, neither in /kern/ipsec nor in
netstat -rn -f encap

The message appearing in /var/log/messages is:
Nov 17 17:03:17 Tesla isakmpd: pf_key_v2_write: writev (3, 0x0x118440, 6) failed: Invalid argument
Nov 17 17:03:17 Tesla isakmpd: pf_key_v2_write: writev (3, 0x0x118400, 7) failed: Invalid argument

Looking through the mailing list archives, I saw a suggestion to make
sure isakmpd and the kernel match.  They were both build from the same
cvsup of source from cvsup.uk.openbsd.org last night.  Out of paranoia,
I just cvsupped the source again, no changes occurred to isakmpd.  I
booted the new kernel and the problem still occurs.

Other suggestions?