[prev in list] [next in list] [prev in thread] [next in thread]
List: ipsec-tools-devel
Subject: [Ipsec-tools-devel] General error events
From: Alexander Sbitnev <alexander.sbitnev () gmail ! com>
Date: 2013-11-20 9:28:03
Message-ID: 528C80A3.4000506 () gmail ! com
[Download RAW message or body]
Is there any interest in adding error event for racoon management
interfaces?
Current event list contains no events to indicate errors happening
during Phase 1 and 2 processing:
#define EVT_RACOON_QUIT 0x0001
#define EVT_PHASE1_UP 0x0100
#define EVT_PHASE1_DOWN 0x0101
#define EVT_PHASE1_NO_RESPONSE 0x0102
#define EVT_PHASE1_NO_PROPOSAL 0x0103
#define EVT_PHASE1_AUTH_FAILED 0x0104
#define EVT_PHASE1_DPD_TIMEOUT 0x0105
#define EVT_PHASE1_PEER_DELETED 0x0106
#define EVT_PHASE1_MODE_CFG 0x0107
#define EVT_PHASE1_XAUTH_SUCCESS 0x0108
#define EVT_PHASE1_XAUTH_FAILED 0x0109
#define EVT_PHASE2_NO_PHASE1 0x0200
#define EVT_PHASE2_UP 0x0201
#define EVT_PHASE2_DOWN 0x0202
#define EVT_PHASE2_NO_RESPONSE 0x0203
For example in case of rsa signature auth and if private key can't be
read there is no event generation.
Only bunch of debug messages in log:
2013-11-20 12:14:06: ERROR: oakley.c:1808:oakley_getsign(): failed to
get private key.
2013-11-20 12:14:06: [192.168.100.1] ERROR: isakmp.c:847:ph1_main():
failed to process ph1 packet (side: 0, status: 6).
2013-11-20 12:14:06: [192.168.100.1] ERROR: isakmp.c:613:isakmp_main():
phase1 negotiation failed.
2013-11-20 12:14:06: DEBUG: isakmp_cfg.c:2071:isakmp_cfg_setenv():
Starting a script.
2013-11-20 12:14:06: DEBUG: oakley.c:3023:oakley_delivm(): IV freed
Only errors caused by interaction with peer are reported through events.
Not even EVT_PHASE1_DOWN.
I am advocating for addition of generic errors events for both phases.
Something like EVT_PHASE1_ERROR and EVT_PHASE2_ERROR.
Is there any chances for my changes to get in source tree? Or maybe I
shouldn't be bothering with creating of patch?
Not much activity here for last year.
------------------------------------------------------------------------------
Shape the Mobile Experience: Free Subscription
Software experts and developers: Be at the forefront of tech innovation.
Intel(R) Software Adrenaline delivers strategic insight and game-changing
conversations that shape the rapidly evolving mobile landscape. Sign up now.
http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk
_______________________________________________
Ipsec-tools-devel mailing list
Ipsec-tools-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipsec-tools-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic