[Bug 388623] New: PF_KEY can't work without ipv6 enable
https://bugzilla.novell.com/show_bug.cgi?id=388623 Summary: PF_KEY can't work without ipv6 enable Product: openSUSE 11.0 Version: Beta 2 Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Kernel AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: bili@novell.com QAContact: kernel-maintainers@forge.provo.novell.com Found By: --- I use the novell-ipsec-tools for connecting the vpn server. https://bugzilla.novell.com//show_bug.cgi?id=381769 It works fine in 10.3 without ipv6 enable. In 11.0 beta2, it couldn't work when ipv6 disabled. It call the send api send to a PF_KEY socket. so = socket(PF_KEY, SOCK_RAW, PF_KEY_V2) if ((len = send(so, (void *)msg, (socklen_t)len, 0)) < 0) { __ipsec_set_strerror(strerror(errno)); return -1; } send is ok, but it receive the msg: Apr 29 18:32:18 Azi racoon: DEBUG: pfkey.c:232:pfkey_handler(): get pfkey UPDATE message Apr 29 18:32:18 Azi racoon: DEBUG2: plog.c:208:plogdump(): 02025d03 02000000 f561330f a5170000 Apr 29 18:32:18 Azi racoon: ERROR: pfkey.c:247:pfkey_handler(): pfkey UPDATE failed: Protocol not supported Apr 29 18:32:18 Azi racoon: DEBUG: pfkey.c:232:pfkey_handler(): get pfkey ADD message Apr 29 18:32:18 Azi racoon: DEBUG2: plog.c:208:plogdump(): 02035d03 02000000 f561330f a5170000 Apr 29 18:32:18 Azi racoon: ERROR: pfkey.c:247:pfkey_handler(): pfkey ADD failed: Protocol not supported and the pfkey_handler() call the recv, *lenp = recv(so, (caddr_t)&buf, sizeof(buf), MSG_PEEK); the recv's messsage structure from /usr/include/linux/pfkeyv2.h struct sadb_msg { uint8_t sadb_msg_version; uint8_t sadb_msg_type; uint8_t sadb_msg_errno; uint8_t sadb_msg_satype; uint16_t sadb_msg_len; uint16_t sadb_msg_reserved; uint32_t sadb_msg_seq; uint32_t sadb_msg_pid; } __attribute__((packed)); so from "02025d03 02000000 f561330f a5170000", the errno is 0x5d, it means EPROTONOSUPPORT. It's related to the esp4.ko, when I removed the esp4.ko in 10.3, then it prompt the same message: Protocol not support. When I enable the ipv6 in yast it works fine. And I found kernel load the esp4 and xfrm6_mode_tunnel, if disable ipv6, the kernel couldn't load the esp4, in my opinion it caused by not loading the xfrm6_mode_tunnel, so it received the error message. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=388623
Stephan Kulow
https://bugzilla.novell.com/show_bug.cgi?id=388623
User kkeil@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=388623#c1
Karsten Keil
https://bugzilla.novell.com/show_bug.cgi?id=388623
Karsten Keil
https://bugzilla.novell.com/show_bug.cgi?id=388623
User bili@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=388623#c2
Li Bin
https://bugzilla.novell.com/show_bug.cgi?id=388623
Greg Kroah-Hartman
https://bugzilla.novell.com/show_bug.cgi?id=388623
Greg Kroah-Hartman
https://bugzilla.novell.com/show_bug.cgi?id=388623
User bili@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=388623#c3
Li Bin
https://bugzilla.novell.com/show_bug.cgi?id=388623
Karsten Keil
https://bugzilla.novell.com/show_bug.cgi?id=388623
User kkeil@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=388623#c4
Karsten Keil
https://bugzilla.novell.com/show_bug.cgi?id=388623
User bili@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=388623#c5
--- Comment #5 from Li Bin
https://bugzilla.novell.com/show_bug.cgi?id=388623
User bili@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=388623#c6
Li Bin
https://bugzilla.novell.com/show_bug.cgi?id=388623
User kkeil@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=388623#c7
Karsten Keil
participants (1)
-
bugzilla_noreply@novell.com