Romain Francoise told me that:
> I tried out ipsec-tools 0.3rc3 and found out that while AES encryption
> works great on a machine with OpenSSL 0.9.6c, it just makes racoon
> segfault on one with OpenSSL 0.9.7c.
> Reverting to 3DES makes the tunnel work again. This is on a Debian
> unstable system with the 2.6.4 kernel. FWIW, I had no issues whatsoever
> with OpenSSL 0.9.7 and my previous version of ipsec-tools (0.2.2).
First of all - the correct place to send bugreports is the mailing list,
not any of the addresses found in the ChangeLog. Nevertheless thanks for
reporting this issue :-)
With older IPsec-tools (<= 0.2.x) and/or older OpenSSL < 0.9.7 we didn't
use the AES engine proveded by OpenSSL. However with the newest version
of both there was apparently a bug in their interoperability.
I have fixed it in the CVS and it will also be fixed in the next 0.3
release (either rc4 or final). Appending the patch for your convenience.
Everybody: please test the release candidates and report any bugs!
* A mouse is a device used to point at the xterm you want to type in.
* Personal homepage - http://www.logix.cz/michal