Ubuntu
ipsec-tools package

3.9.3 kernel supports none AES-CTR key lengths

Bug #1199358 reported by Alexander Gurvitz
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ipsec-tools (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

Actually it is a kernel bug, but since it affects (only) setkey users, posting here.

The following ipsec-tools.conf:

#!/usr/sbin/setkey -f
flush;
add 1.1.1.1 1.1.1.2 esp 1000 -E aes-ctr 0x11111111111111111111111111111111111111111111111111111111111111111111111;

.....results is error:

line 3: Not supported at [0x11111111111111111111111111111111111111111111111111111111111111111111111]
parse failed, line 3.

Any key length I try results in the same error message. With 3.2 kernel it worked well.

ipsec-tools version: 0.8.0

Revision history for this message
Alexander Gurvitz (0k53dmx9cig8cqkasqs0vqz-alex-f830mk0e7z07dk74sm41k1n) wrote :

It works in the latest release kernel (3.10.0-2.10).

I think this bug should be closed. (Sorry submitting bug before testing it with the latest release kernel.)

Alexander

Revision history for this message
Robie Basak (racb) wrote :

Thanks. If this was a kernel bug, it would need to be filed against the "linux" source package for the kernel team to take a look at it. The "ipsec-tools" package is for the userspace components only. So this bug would be invalid in ipsec-tools anyway.

Changed in ipsec-tools (Ubuntu):
status: New → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.