[prev in list] [next in list] [prev in thread] [next in thread]
List: openswan-dev
Subject: [Openswan dev] problems with USE_LIBNSS
From: Tuomo Soini <tis () foobar ! fi>
Date: 2009-12-29 21:21:40
Message-ID: 4B3A72E4.90309 () foobar ! fi
[Download RAW message or body]
I tried to test openswan-2.6.24rc5 compiled with nss support. I couldn't
get it working and after some investigation I found out this by stracing
pluto:
stat("sql:/etc/ipsec.d/cert8.db", 0x7fffe95e04c0) = -1 ENOENT (No such
file or directory)
and
open("sql:/etc/ipsec.d/cert8.db", O_RDWR) = -1 ENOENT (No such file or
directory)
On log I see this:
Dec 29 20:56:34 usik pluto[21767]: nss directory plutomain: sql:/etc/ipsec.d
Dec 29 20:56:34 usik pluto[21767]: NSS initialization failed (err -8174)
I'm not first one to find out NSS support doesn't work on
openswan-2.6.24rc series but I did dig deeper and found a difference
from openswan-2.6.21 nss patch used in rhel5 and nss patch which got
included into openswan git tree.
openswan-2.6.21-nss.patch has this change for plutomain.c
+ snprintf(buf, sizeof(buf), "%s",oco->confddir);
and git tree has:
+ snprintf(buf, sizeof(buf), "sql:%s",oco->confddir);
I'm quite sure removing this sql: from code will fix it but can you
confirm this? Doesn't fedora version of openswan have this same problem?
--
Tuomo Soini <tis@foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <http://foobar.fi/>
_______________________________________________
Dev mailing list
Dev@openswan.org
http://lists.openswan.org/mailman/listinfo/dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic