Re: [Ipsec-tools-devel] [ANNOUNCE] Ipsec-tools 0.6.4 is out

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

(followed up only in devel list for now)

On Sun, Dec 11, 2005 at 05:00:30PM +0100, Krzysztof Oledzki wrote:
[0.6.4]
> Dec 11 16:52:29 gw1 racoon: WARNING: ignore INITIAL-CONTACT notification, 
> because it is only accepted after phase 1.
> Dec 11 16:52:29 gw1 racoon: INFO: ISAKMP-SA established (...)
> Dec 11 16:52:29 gw1 racoon: INFO: respond new phase 2 negotiation: (...)
> Dec 11 16:52:29 gw1 racoon: INFO: respond new phase 2 negotiation: (...)
> Dec 11 16:52:29 gw1 racoon: INFO: IPsec-SA established: ESP/Tunnel (...)
> Dec 11 16:52:29 gw1 racoon: INFO: caught signal 17
> Dec 11 16:52:29 gw1 racoon: INFO: IPsec-SA established: ESP/Tunnel (...)
> Dec 11 16:52:29 gw1 racoon: INFO: caught signal 17
> Dec 11 16:52:29 gw1 racoon: INFO: IPsec-SA established: ESP/Tunnel (...)
> Dec 11 16:52:29 gw1 racoon: INFO: caught signal 17
> Dec 11 16:52:29 gw1 racoon: INFO: IPsec-SA established: ESP/Tunnel (...)
> Dec 11 16:52:29 gw1 racoon: INFO: caught signal 17
> Dec 11 16:52:29 gw1 racoon: INFO: unsupported PF_KEY message 0
> Dec 11 16:52:29 gw1 last message repeated 3 times
> Dec 11 16:52:30 gw1 racoon: INFO: racoon shutdown
> 
> I have privsep enabled but 0.6.3 works without any problems. Will try to 
> do some debugging later.

The problem is because you get an USR2 signal (signal 17).

The old code already considered some signals (including USR1 and USR2)
to be "default" in check_sigreq() and then to start a racoon shutdown.

We'll have to deal with "what should be done when getting some
signals" (I don't consider shutting donw as a "good think to do" when
receiving an USR signal...), but the new patch shouldn't have changed
anything in racoon's reaction.

Yvan.