Subject: Re: bin/29915 Can't setkey for tcp-md5 anymore
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org>
From: Peter Eisch <peter@boku.net>
List: netbsd-bugs
Date: 04/09/2005 02:41:02
The following reply was made to PR bin/29915; it has been noted by GNATS.

From: Peter Eisch <peter@boku.net>
To: Emmanuel Dreyfus <manu@netbsd.org>, <gnats-bugs@netbsd.org>
Cc: 
Subject: Re: bin/29915 Can't setkey for tcp-md5 anymore
Date: Fri, 08 Apr 2005 21:41:12 -0500

 While the second patch didn't apply cleanly, it does get further.  With
 tcpdump I don't see the md5's on the packets, though the dump below shows
 many of the proper values of the IPs and it seems to have the value for the
 auth type.  Is the 'Invalid SA type' because libipsec doesn't know about
 proto tcp and the tcp-md5 algorithm?
 
 slink# /builds/current/sparc64/dest/sbin/setkey -vD
 sadb_msg{ version=2 type=10 errno=0 satype=0
   len=2 reserved=0 seq=0 pid=23969
 
 sadb_msg{ version=2 type=10 errno=0 satype=11
   len=18 reserved=1 seq=1 pid=23969
 sadb_ext{ len=2 type=1 }
 sadb_sa{ spi=4096 replay=0 state=1
   auth=252 encrypt=0 flags=0x00000040 }
 sadb_ext{ len=2 type=19 }
 sadb_x_sa2{ mode=0 reqid=0
   reserved1=0 reserved2=0 sequence=0 }
 sadb_ext{ len=4 type=2 }
 sadb_lifetime{ alloc=0, bytes=0
   addtime=1113013047, usetime=0 }
 sadb_ext{ len=3 type=5 }
 sadb_address{ proto=255 prefixlen=32 reserved=0x0000 }
 sockaddr{ len=16 family=2 port=0
  0c1e411b  }
 sadb_ext{ len=3 type=6 }
 sadb_address{ proto=255 prefixlen=32 reserved=0x0000 }
 sockaddr{ len=16 family=2 port=0
  cc828417  }
 sadb_ext{ len=2 type=8 }
 sadb_key{ bits=48 reserved=0
   key= 666f6f62 6172 }
 
 Invalid SA type
 sadb_msg{ version=0 type=0 errno=0 satype=0
   len=0 reserved=0 seq=0 pid=0
 
 sadb_msg{ version=2 type=10 errno=0 satype=11
   len=18 reserved=1 seq=0 pid=23969
 sadb_ext{ len=2 type=1 }
 sadb_sa{ spi=4096 replay=0 state=1
   auth=252 encrypt=0 flags=0x00000040 }
 sadb_ext{ len=2 type=19 }
 sadb_x_sa2{ mode=0 reqid=0
   reserved1=0 reserved2=0 sequence=0 }
 sadb_ext{ len=4 type=2 }
 sadb_lifetime{ alloc=0, bytes=0
   addtime=1113013047, usetime=0 }
 sadb_ext{ len=3 type=5 }
 sadb_address{ proto=255 prefixlen=32 reserved=0x0000 }
 sockaddr{ len=16 family=2 port=0
  cc828417  }
 sadb_ext{ len=3 type=6 }
 sadb_address{ proto=255 prefixlen=32 reserved=0x0000 }
 sockaddr{ len=16 family=2 port=0
  0c1e411b  }
 sadb_ext{ len=2 type=8 }
 sadb_key{ bits=48 reserved=0
   key= 666f6f62 6172 }
 
 Invalid SA type
 sadb_msg{ version=0 type=0 errno=0 satype=0
   len=0 reserved=0 seq=0 pid=0
 
 slink# 
 
 
 Thanks,
 
 peter