Re: kern/44843: IPSEC in kernel make IPPROTO_ESP and IPPROTO_AH unusable

[Paul Koning <paul_koning%dell.com@localhost>]

IPSec uses those two protocols; if you tell NetBSD to implement them in the 
kernel, why would you expect to be able to access them from userland?

        paul

On Apr 8, 2011, at 11:25 AM, <msporleder%gmail.com@localhost> wrote:

>> Number:         44843
>> Category:       kern
>> Synopsis:       IPSEC in kernel make IPPROTO_ESP and IPPROTO_AH unusable
>> Confidential:   no
>> Severity:       serious
>> Priority:       medium
>> Responsible:    kern-bug-people
>> State:          open
>> Class:          sw-bug
>> Submitter-Id:   net
>> Arrival-Date:   Fri Apr 08 15:25:00 +0000 2011
>> Originator:     matthew sporleder
>> Release:        5.1
>> Organization:
> mspo.com
>> Environment:
> NetBSD vc136-15.vc.panix.com 5.1 NetBSD 5.1 (PANIX-VC) #0: Thu Mar 10 
> 01:49:14 EST 2011  
> root%juggler.panix.com@localhost:/misc/obj/misc/devel/netbsd/5.1/src/sys/arch/amd64/compile/PANIX-VC
>  amd64
> 
>> Description:
> I have IPSEC in my kernel and am unable to open sockets IPPROTO_ESP or 
> IPPROTO_AH.
> 
> This does not seem to happen if the kernel does not have ipsec so I think 
> it's a bug.
>> How-To-Repeat:
> 
> 
> #include <stdio.h>
> #include <sys/socket.h>
> #include <netinet/in.h>
> #include <errno.h>
> #include <string.h>
> 
> int main(int argc, char *argv[])
> {
> int sock;
> sock = socket(PF_INET, SOCK_RAW, IPPROTO_ESP);
> if ( sock < 0 )
> {
>   perror("sock problem");
> }
> 
> }
> 
> 
> sock problem: Protocol not supported
>> Fix:
>